Report Overview
Submitted URL
arden-midlands.co.uk/pricelist/pricelist.zip
IP
91.238.164.172
ASN
#52148 Enix Ltd
Submitted
2024-05-02 10:18:56
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
arden-midlands.co.uk | unknown | 2011-08-22 | 2015-11-20 | 2018-05-11 | 414 B | 438 kB | 91.238.164.172 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2024-05-02 | medium | arden-midlands.co.uk/pricelist/pricelist.zip | Phishing Kit impersonating Excel page |
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
arden-midlands.co.uk/pricelist/pricelist.zip
IP
91.238.164.172
ASN
#52148 Enix Ltd
File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
437 kB (437365 bytes)
Hash
e5d59e54aa4f68525254d44d11579de2
06f89fafc60b9299afb7f33a20021f1f2ff8ee2d
Archive (14)
Filename | Md5 | File type |
---|---|---|
511.php | 9ce42f6b3e6551d0b46dabff4ef84775 | PHP script, ASCII text, with CRLF line terminators |
jquery.min.js | 220afd743d9e9643852e31a135a9f3ae | JavaScript source, ASCII text, with very long lines (65451) |
all.css | 6cb9f77ed25304945ce4363456ac3acd | ASCII text, with very long lines (49022) |
bootstrap.min.css | 7e923ad223e9f33e54d22e50cf2bcce5 | ASCII text, with very long lines (65317) |
twostyles.css | 13f56cbc04ad150cf1d60f87239037de | ASCII text |
bgimg.png | 3336a0db9df04c5d317c8f1478c0a5dc | PNG image data, 1366 x 667, 8-bit/color RGBA, non-interlaced |
ex.png | 4292d595f45db8cc84bac8a325ae1afc | PNG image data, 640 x 338, 8-bit colormap, non-interlaced |
logo.png | da7d3afa81ca3f0769fb85f58e55b47c | PNG image data, 2000 x 1964, 8-bit/color RGBA, non-interlaced |
spin.gif | b7f090e9f3112f59bd9bb793f16184b7 | GIF image data, version 89a, 220 x 20 |
spinner.svg | 5ec6884b65bb8318e4134cd488d1e3f0 | SVG Scalable Vector Graphics image |
index.php | c19a0e8e23bb2a84c4abbea22c30e8a0 | JavaScript source, ASCII text, with CRLF line terminators |
bootstrap.js | 0827a0bdcd9a917990eee461a77dd33e | JavaScript source, ASCII text, with very long lines (32075) |
scripts.js | d4a7acfc6b84659343322f0328ed9376 | JavaScript source, ASCII text |
tether.js | ecdfd3dc464ceda5f483bb5c96a6e3d2 | JavaScript source, ASCII text, with very long lines (24989), with no line terminators |
Detections
Analyzer | Verdict | Alert |
---|---|---|
Phishing Kit YARA rules | phishing | Phishing Kit impersonating Excel page |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size |
---|---|---|---|
arden-midlands.co.uk/pricelist/pricelist.zip | 91.238.164.172 | 200 OK | 437 kB |
Detections
HTTP Headers