Report - arden-midlands.co.uk/pricelist/pricelist.zip

Report Overview

Submitted URL
arden-midlands.co.uk/pricelist/pricelist.zip
IP
91.238.164.172
ASN
#52148 Enix Ltd
Submitted
2024-05-02 10:18:56
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
arden-midlands.co.uk	unknown	2011-08-22	2015-11-20	2018-05-11	414 B	438 kB	91.238.164.172

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-05-02	medium	arden-midlands.co.uk/pricelist/pricelist.zip	Phishing Kit impersonating Excel page

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
arden-midlands.co.uk/pricelist/pricelist.zip
IP
91.238.164.172
ASN
#52148 Enix Ltd

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
437 kB (437365 bytes)
Hash
e5d59e54aa4f68525254d44d11579de2
06f89fafc60b9299afb7f33a20021f1f2ff8ee2d
de5005c6fe1370de66ea71f4c4337db90d6a7c8ab3af608c2157c538b4258a29

Archive (14)

Modified	Filename	Size	Md5	File type
2022-05-06 01:41	511.php	1.8 kB	9ce42f6b3e6551d0b46dabff4ef84775	PHP script, ASCII text, with CRLF line terminators
2019-05-13 22:37	jquery.min.js	88 kB	220afd743d9e9643852e31a135a9f3ae	JavaScript source, ASCII text, with very long lines (65451)
2020-03-31 07:32	all.css	49 kB	6cb9f77ed25304945ce4363456ac3acd	ASCII text, with very long lines (49022)
2020-03-31 07:31	bootstrap.min.css	151 kB	7e923ad223e9f33e54d22e50cf2bcce5	ASCII text, with very long lines (65317)
2020-03-31 07:30	twostyles.css	2.8 kB	13f56cbc04ad150cf1d60f87239037de	ASCII text
2021-07-22 18:47	bgimg.png	320 kB	3336a0db9df04c5d317c8f1478c0a5dc	PNG image data, 1366 x 667, 8-bit/color RGBA, non-interlaced
2021-07-22 18:52	ex.png	8.2 kB	4292d595f45db8cc84bac8a325ae1afc	PNG image data, 640 x 338, 8-bit colormap, non-interlaced
2021-07-22 19:13	logo.png	58 kB	da7d3afa81ca3f0769fb85f58e55b47c	PNG image data, 2000 x 1964, 8-bit/color RGBA, non-interlaced
2021-07-22 19:10	spin.gif	9.4 kB	b7f090e9f3112f59bd9bb793f16184b7	GIF image data, version 89a, 220 x 20
2022-03-24 16:39	spinner.svg	6.2 kB	5ec6884b65bb8318e4134cd488d1e3f0	SVG Scalable Vector Graphics image
2022-03-24 16:20	index.php	8.4 kB	c19a0e8e23bb2a84c4abbea22c30e8a0	JavaScript source, ASCII text, with CRLF line terminators
2020-03-31 07:41	bootstrap.js	47 kB	0827a0bdcd9a917990eee461a77dd33e	JavaScript source, ASCII text, with very long lines (32075)
2022-03-24 17:34	scripts.js	3.5 kB	d4a7acfc6b84659343322f0328ed9376	JavaScript source, ASCII text
2020-03-31 07:43	tether.js	25 kB	ecdfd3dc464ceda5f483bb5c96a6e3d2	JavaScript source, ASCII text, with very long lines (24989), with no line terminators

Detections

Analyzer	Verdict	Alert
Phishing Kit YARA rules	phishing	Phishing Kit impersonating Excel page

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

arden-midlands.co.uk/pricelist/pricelist.zip

91.238.164.172

200 OK

437 kB

URL User Request GET HTTP/1.1
arden-midlands.co.uk/pricelist/pricelist.zip
IP
91.238.164.172:80
ASN
#52148 Enix Ltd

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
437 kB (437365 bytes)
Hash
e5d59e54aa4f68525254d44d11579de2
06f89fafc60b9299afb7f33a20021f1f2ff8ee2d
de5005c6fe1370de66ea71f4c4337db90d6a7c8ab3af608c2157c538b4258a29

Detections

Analyzer	Verdict	Alert
Phishing Kit YARA rules	phishing	Phishing Kit impersonating Excel page

HTTP Headers

GET /pricelist/pricelist.zip HTTP/1.1
Host: arden-midlands.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: application/zip
last-modified: Thu, 18 May 2023 20:34:13 GMT
accept-ranges: bytes
content-length: 437365
date: Thu, 02 May 2024 10:18:30 GMT
server: LiteSpeed

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (14)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers