Report - iyidoy.com/IyiDoy_Extension

Report Overview

Submitted URL
iyidoy.com/IyiDoy_Extension_V1.0.zip
IP
176.123.0.83
ASN
#200019 Alexhost Srl
Submitted
2024-05-07 13:53:58
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
iyidoy.com	unknown	unknown	No data	No data	490 B	436 kB	176.123.0.83

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	iyidoy.com	Sinkholed

ThreatFox

No alerts detected

Files detected

URL
iyidoy.com/IyiDoy_Extension_V1.0.zip
IP
176.123.0.83
ASN
#200019 Alexhost Srl

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
436 kB (435523 bytes)
Hash
40959d354f63cc0e247c563f7f3939ee
0dbdcc1e072c59ae9d8f69d1526ca6f41fa3972f
3bcd87eee3e7a6bda7f0cb4b4eda0a7d607da6364ba0004f158c3993e4dcb9c6

Archive (18)

Modified	Filename	Size	Md5	File type
2024-04-15 22:32	logout.js	1.7 kB	c18009f4be428f7a644d80cfeac60e49	JavaScript source, ASCII text, with very long lines (1742), with no line terminators
2024-03-18 18:01	manifest.json	1.5 kB	488271761a48044ed372d0a05fdd2f7e	JSON text data
2024-03-17 22:17	popup.html	4.0 kB	e05846d25fcd9be86403e475ff487de0	HTML document, Unicode text, UTF-8 text, with very long lines (352)
2024-04-15 22:33	renderer.js	7.1 kB	86246f75c08027a05129b479e946e1d7	JavaScript source, Unicode text, UTF-8 text, with very long lines (7034), with no line terminators
2024-03-17 23:02	rules.json	1.6 kB	a99bea0f230a210da376c4fe885c5233	JSON text data
2024-04-15 22:36	_ruleset1	1.1 kB	49c0aeecd63a88ae60481e64ae5cb00d	data
2023-04-08 20:32	animate.css	90 kB	f968ac3ba6b5cbe42cdbc9c3ae66fe78	ASCII text
2024-03-17 22:12	style.css	226 kB	1ac4c2c47e4831372b1b0fa8bd257892	ASCII text
2023-04-08 20:33	checked.svg	236 B	4b22410b649f51bb0d03994b675efe83	SVG Scalable Vector Graphics image
2023-09-14 14:34	logo.png	105 kB	715c070b93fa4f340328b0f0acd797a5	PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
2023-04-08 20:33	map-dark.svg	173 kB	7e3152bb3dfb5430f0e799ba7b8c2779	SVG Scalable Vector Graphics image
2023-04-08 20:33	map.svg	173 kB	7f951ad300658394f9a1d38b09ef5ac5	SVG Scalable Vector Graphics image
2024-03-17 23:31	xhook.js	15 kB	be5e3c11f93f83fcb6a91c376a11bdfa	JavaScript source, ASCII text, with very long lines (14952), with no line terminators
2024-04-15 22:33	ys.js	1.8 kB	e66c4796812cb7a9cc8ce82345931e5a	JavaScript source, ASCII text, with very long lines (1767), with no line terminators
2024-03-17 22:34	background.js	0 B	d41d8cd98f00b204e9800998ecf8427e
2024-04-15 22:36	content_script.js	2.6 kB	0be4651db62ad9ebb28fa8da8fcc946b	JavaScript source, ASCII text, with very long lines (2585), with no line terminators
2024-04-15 22:32	loader_script.js	1.8 kB	1742a0cb724a2b6984034fab936da070	JavaScript source, ASCII text, with very long lines (1837), with no line terminators
2023-08-29 19:54	logo.png	260 kB	ba6e2400a5074903766deada5c5e864f	PNG image data, 819 x 819, 8-bit/color RGBA, non-interlaced

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

iyidoy.com/IyiDoy_Extension_V1.0.zip

176.123.0.83

200 OK

436 kB

URL User Request GET HTTP/2
iyidoy.com/IyiDoy_Extension_V1.0.zip
IP
176.123.0.83:443
ASN
#200019 Alexhost Srl

Certificate
IssuerLet's Encrypt
Subjectiyidoy.com
Fingerprint04:82:99:E3:7A:84:68:E5:36:27:C9:5C:B2:17:04:F5:16:82:A0:38
ValiditySun, 17 Mar 2024 00:13:10 GMT - Sat, 15 Jun 2024 00:13:09 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
436 kB (435523 bytes)
Hash
40959d354f63cc0e247c563f7f3939ee
0dbdcc1e072c59ae9d8f69d1526ca6f41fa3972f
3bcd87eee3e7a6bda7f0cb4b4eda0a7d607da6364ba0004f158c3993e4dcb9c6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /IyiDoy_Extension_V1.0.zip HTTP/1.1
Host: iyidoy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/zip
last-modified: Mon, 15 Apr 2024 19:41:15 GMT
accept-ranges: bytes
content-length: 435523
date: Tue, 07 May 2024 13:53:32 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (18)

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers