Report - aguilerapropiedades.cl/captcha.zip

Report Overview

Visited public
2025-02-20 23:30:44
Tags
Submit Tags
URL
aguilerapropiedades.cl/captcha.zip
Finishing URL
about:privatebrowsing
IP / ASN
186.64.114.50
#52368 ZAM LTDA.
Title
about:privatebrowsing

Detections

urlquery

0

Network Intrusion Detection

0

Threat Detection Systems

1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
aguilerapropiedades.cl	unknown	2017-07-19	2019-07-13	2025-02-17	502 B	333 kB	186.64.114.50

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
aguilerapropiedades.cl/captcha.zip
IP
186.64.114.50
ASN
#52368 ZAM LTDA.

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
333 kB (332694 bytes)
Hash
97934df3471ee85b6704d322b8b942f7
617c5e7d753472ad4312c71e15bb7ef3ac036233
f01f553a877026df8fc7a02363d49bc3a74819b61bdd5224767c0c8b1b53bf87

Archive (35)

Filename

Md5

File type

._captcha

dcf47b9b821bdfcc5cab3f66a5fd89af

AppleDouble encoded Macintosh file

add_to_blacklist.php

61792eb94ae7a859239d7c4cb061a223

PHP script, Unicode text, UTF-8 text

._add_to_blacklist.php

8374236a60876a1ed74e3c501b5d9182

AppleDouble encoded Macintosh file

whitelist.txt

2909a2c64757ce93daa60e3cfc653ef1

ASCII text

._whitelist.txt

8374236a60876a1ed74e3c501b5d9182

AppleDouble encoded Macintosh file

views.json

4b2bb18e32a2ce321a10d67401cf6bd1

JSON text data

._views.json

8374236a60876a1ed74e3c501b5d9182

AppleDouble encoded Macintosh file

blacklist.txt

d41d8cd98f00b204e9800998ecf8427e

._blacklist.txt

8374236a60876a1ed74e3c501b5d9182

AppleDouble encoded Macintosh file

add_to_whitelist.php

43a792982374fa7b0942449c4da1fcda

PHP script, Unicode text, UTF-8 text

._add_to_whitelist.php

8374236a60876a1ed74e3c501b5d9182

AppleDouble encoded Macintosh file

login.php

60701d686dc615c556990185ee6b8905

HTML document, ASCII text

._login.php

8374236a60876a1ed74e3c501b5d9182

AppleDouble encoded Macintosh file

bh.jpg

57b786b346b95d372f6a7b80d7f1a241

JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, progressive, precision 8, 747x717, components 3

._bh.jpg

8374236a60876a1ed74e3c501b5d9182

AppleDouble encoded Macintosh file

dashboard.php

b8fa407a7844797dea0d727b8477c988

PHP script, Unicode text, UTF-8 text

._dashboard.php

8374236a60876a1ed74e3c501b5d9182

AppleDouble encoded Macintosh file

auth.php

2bf886499e8629ec681b903695887332

PHP script, Unicode text, UTF-8 text

._auth.php

8374236a60876a1ed74e3c501b5d9182

AppleDouble encoded Macintosh file

index.php

fe6a5d57b0405f7e5f9bd8a7b14d8316

PHP script, Unicode text, UTF-8 text, with very long lines (334)

._index.php

8374236a60876a1ed74e3c501b5d9182

AppleDouble encoded Macintosh file

config.txt

e3312d2ea6188d02ec3b341422a58f3e

ASCII text, with very long lines (354), with no line terminators

._config.txt

8374236a60876a1ed74e3c501b5d9182

AppleDouble encoded Macintosh file

Views.php

2a0b589979534fce7def84c4683034d4

HTML document, Unicode text, UTF-8 text

._Views.php

8374236a60876a1ed74e3c501b5d9182

AppleDouble encoded Macintosh file

footer.jpg

8e5d21a9b2327f3818600e26f0414131

JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, progressive, precision 8, 751x577, components 3

._footer.jpg

8374236a60876a1ed74e3c501b5d9182

AppleDouble encoded Macintosh file

blajika.gif

a2299abfada0bff8b2c4728779d36268

GIF image data, version 89a, 500 x 500

._blajika.gif

8374236a60876a1ed74e3c501b5d9182

AppleDouble encoded Macintosh file

credentials.json

04563fecf44f3d6d1737caa2892b2d73

JSON text data

._credentials.json

8374236a60876a1ed74e3c501b5d9182

AppleDouble encoded Macintosh file

get_views.php

f02981b043bf9cfe282665a86e302b3b

PHP script, Unicode text, UTF-8 text

._get_views.php

8374236a60876a1ed74e3c501b5d9182

AppleDouble encoded Macintosh file

save_config.php

52fdb4e83d1107ae2d2b12056adf52bf

PHP script, ASCII text

._save_config.php

8374236a60876a1ed74e3c501b5d9182

AppleDouble encoded Macintosh file

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detects file containing Telegram Bot API

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

GET aguilerapropiedades.cl/captcha.zip

186.64.114.50

200 OK

333 kB

URL User Request GET HTTP/2
aguilerapropiedades.cl/captcha.zip
IP
186.64.114.50:443
ASN
#52368 ZAM LTDA.

Certificate
IssuerLet's Encrypt
Subjectwww.brobizz-onlinerecoinsuffunds.aguilerapropiedades.cl
Fingerprint0C:6D:43:CE:EA:BE:37:0D:62:EC:4E:D2:10:87:61:E3:4C:78:A9:41
ValidityThu, 20 Feb 2025 12:47:54 GMT - Wed, 21 May 2025 12:47:53 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
333 kB (332694 bytes)
Hash
97934df3471ee85b6704d322b8b942f7
617c5e7d753472ad4312c71e15bb7ef3ac036233
f01f553a877026df8fc7a02363d49bc3a74819b61bdd5224767c0c8b1b53bf87

HTTP Headers

GET /captcha.zip HTTP/1.1
Host: aguilerapropiedades.cl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Fri, 31 Jan 2025 18:26:51 GMT
etag: "f883b2-51396-62d04afb52619-br"
accept-ranges: bytes
cache-control: max-age=2592000, public
expires: Sat, 22 Mar 2025 23:30:14 GMT
vary: Accept-Encoding
content-encoding: br
content-type: application/zip
date: Thu, 20 Feb 2025 23:30:14 GMT
server: Apache
X-Firefox-Spdy: h2