Report Overview

  1. Submitted URL

    cdn.discordapp.com/attachments/1237601030036783124/1237845636729147432/license.zip?ex=663d2115&is=663bcf95&hm=bf758c27523d5a581c15037817c0331b22bbb672b6f864c50708226debf942f6&

  2. IP

    162.159.135.233

    ASN

    #13335 CLOUDFLARENET

  3. Submitted

    2024-05-08 19:21:08

    Access

    public

  4. Website Title

    about:privatebrowsing

  5. Final URL

    about:privatebrowsing

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  1. urlquery

    0

  2. Network Intrusion Detection

    0

  3. Threat Detection Systems

    5

Domain Summary

Domain / FQDN | Rank | Registered | First Seen | Last Seen
cdn.discordapp.com | 2474 | 2015-02-26 | 2015-08-24 | 2024-05-07

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    cdn.discordapp.com/attachments/1237601030036783124/1237845636729147432/license.zip?ex=663d2115&is=663bcf95&hm=bf758c27523d5a581c15037817c0331b22bbb672b6f864c50708226debf942f6&

  2. IP

    162.159.135.233

  3. ASN

    #13335 CLOUDFLARENET

  1. File type

    Zip archive data, at least v1.0 to extract, compression method=store

    Size

    1.2 MB (1245971 bytes)

  2. Hash

    464b67404a4bd877788915e4ae595d81

    4ddf11cf8b543313ae88e90435e7ac9295a9267f

  1. Archive (44)

  2. Filename | Md5 | File type
    style.css
    e9bfde9650dcb39b796b57b239e33112
    ASCII text, with CRLF line terminators
    auth.css
    553771665be996dcb3f4e32b568cdab5
    assembler source, ASCII text, with CRLF line terminators
    tom-select.css
    fe61d093c469fbf1a986268d47c984f6
    ASCII text, with CRLF line terminators
    upload.php
    f58084d1d2613bc5941ba6a1cc24ed11
    PHP script, ASCII text, with CRLF line terminators
    action.php
    a386a1aa50a8862668b391646e176a09
    PHP script, ASCII text, with very long lines (65529), with CRLF line terminators
    table.php
    6da0f1608b0ca628e15a8b6733c743dc
    PHP script, ASCII text, with very long lines (1190), with CRLF line terminators
    script.js
    5076b15c22b040f293e1923939614df6
    JavaScript source, ASCII text, with very long lines (1290), with CRLF line terminators
    blackout-logo.jpg
    ead639fe3040f6216b22aa8792e5f4a4
    JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1200x1200, components 3
    tebex.png
    b628c730d69240d8c37410c4b938f48d
    PNG image data, 108 x 110, 8-bit/color RGBA, non-interlaced
    logo.png
    7e7e9efc78f7365a420ebd7ab1fde59f
    PNG image data, 725 x 213, 8-bit/color RGBA, non-interlaced
    logo-icon.png
    1cb8db7f04376b2fc29cb9aa2e58d85c
    PNG image data, 215 x 213, 8-bit/color RGBA, non-interlaced
    blackout-logo-wb.png
    a0f1c423c2e79b290708353f127cd558
    PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced
    devbybit-logos.png
    72d8724c89f60c06642c2b22891c472c
    PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced
    file_66371e33730d19.65405906.png
    a0f1c423c2e79b290708353f127cd558
    PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced
    devbybit-logo.png
    ad937851bb8b6087c926b0b26ef3e6c4
    PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced
    devbybit.png
    409e0ad767a4a4d9203f3e5d7bb75d6d
    PNG image data, 849 x 162, 8-bit/color RGBA, non-interlaced
    mongodb.php
    d41d8cd98f00b204e9800998ecf8427e
    mysql.php
    4bf7331ae47098e8128d67ae086a7e6b
    PHP script, ASCII text, with CRLF line terminators
    json.php
    d41d8cd98f00b204e9800998ecf8427e
    redis.php
    cc2e5e5262684733718e54459f279465
    PHP script, ASCII text, with CRLF line terminators
    postgresql.php
    d41d8cd98f00b204e9800998ecf8427e
    license.php
    332a21d09676815e82c2d6db67e3ae04
    PHP script, ASCII text, with CRLF line terminators
    asdusdajhdi.php
    5fb9751531d41baadd979b8ee5a114a5
    PHP script, ASCII text, with CRLF line terminators
    en_US.php
    f99bc082565a93049df03c04aebd8660
    PHP script, Unicode text, UTF-8 text, with very long lines (376), with CRLF line terminators
    es_ES.php
    72ac3bb17a36f5beba2bc6d132d49393
    PHP script, Unicode text, UTF-8 text, with very long lines (403), with CRLF line terminators
    api.php
    c562e804c5cbefe360318661a455cbb3
    PHP script, ASCII text, with CRLF line terminators
    webhook.php
    b38624035c5609512a06d6841cbcc5da
    PHP script, ASCII text, with CRLF line terminators
    group.php
    a2e3c836cea92162d2179329c4f2b640
    PHP script, ASCII text, with CRLF line terminators
    basket.php
    22ea16e6c32239d46b4c17f9f3ee6798
    PHP script, ASCII text, with very long lines (414), with CRLF line terminators
    settings.php
    90edaa9fbb413f727b7029254d1f3c34
    PHP script, ASCII text, with very long lines (363), with CRLF line terminators
    license.php
    0f901348746818f2fe7cb1e3ef707a55
    PHP script, ASCII text, with very long lines (361), with CRLF line terminators
    index.php
    b19a17dc300a879aa5284667040960bf
    PHP script, ASCII text, with CRLF line terminators
    code.php
    9afa02eea5bb55418e2a814520ea026f
    PHP script, ASCII text, with very long lines (664), with CRLF line terminators
    install.php
    9de996b685c4449237b4a88a153a03ee
    JavaScript source, ASCII text, with very long lines (688), with CRLF line terminators
    dashboard.php
    2cf238a1df7ee89f31443132fbfa9c64
    JavaScript source, ASCII text, with CRLF line terminators
    product.php
    4b22b8fa03169b06b7a0ed332613f072
    PHP script, ASCII text, with very long lines (343), with CRLF line terminators
    download.php
    64aafa8d90c51b2609482d4f7e50cbc1
    PHP script, ASCII text, with CRLF line terminators
    user.php
    baebbccdc06bd1118cc0dc4edb458741
    PHP script, ASCII text, with very long lines (420), with CRLF line terminators
    auth.php
    dbfa902e978e062b7f5b13eae6cf950e
    JavaScript source, Unicode text, UTF-8 text, with very long lines (741), with CRLF line terminators
    .htaccess
    43063ed5aa17f06c5d2fd1ee80477ad2
    ASCII text, with CRLF line terminators
    api.php
    e2271c5f2e682327340b10f3deb98e81
    PHP script, ASCII text, with very long lines (23764), with CRLF line terminators
    config.php
    8725285f215842df0c8986efab5d51eb
    PHP script, Unicode text, UTF-8 text, with CRLF line terminators
    function.php
    c16f500e4c6cd8783a8c434a13386ff3
    PHP script, ASCII text, with very long lines (65529), with CRLF line terminators
    index.php
    df4993bf5c5650fc0f370cb5651a48b8
    JavaScript source, ASCII text, with very long lines (378), with CRLF line terminators

    Detections

    Analyzer | Verdict | Alert
    Public Nextron YARA rules | malware | PHP webshell obfuscated by encoding of mixed hex and dec
    Public Nextron YARA rules | malware | PHP webshell which eval()s obfuscated string
    Public Nextron YARA rules | malware | PHP webshell obfuscated by encoding of mixed hex and dec
    Public Nextron YARA rules | malware | PHP webshell obfuscated by encoding of mixed hex and dec
    Public Nextron YARA rules | malware | PHP webshell which eval()s obfuscated string

JavaScript (0)

HTTP Transactions (1)

URL | IP | Response | Size
cdn.discordapp.com/attachments/1237601030036783124/1237845636729147432/license.zip?ex=663d2115&is=663bcf95&hm=bf758c27523d5a581c15037817c0331b22bbb672b6f864c50708226debf942f6&
162.159.135.233 | 200 OK | 1.2 MB