Report - blitzz.com.ar/wp-content/download/File

Report Overview

Submitted URL
blitzz.com.ar/wp-content/download/File_pass1234.7z
IP
69.46.4.57
ASN
#29802 HVC-AS
Submitted
2023-06-01 06:55:09
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
5

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.comodoca.com	1696	2002-11-13	2012-05-21	2023-05-31	331 B	1.0 kB	104.18.15.101
blitzz.com.ar	unknown	2020-05-09	2021-04-21	2023-05-29	506 B	4.7 MB	69.46.4.57

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2023-06-01	medium	blitzz.com.ar

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-06-01	medium	blitzz.com.ar

ThreatFox

No alerts detected

Files detected

URL
blitzz.com.ar/wp-content/download/File_pass1234.7z
IP
69.46.4.57
ASN
#29802 HVC-AS

File type
7-zip archive data, version 0.4\012- data
Size
4.7 MB (4706419 bytes)
Hash
0d6f6b6bd8f63cb7ea5854d7fb265cb4
74dff26a0cb9477af73b5743ed431f05fbcd35d1
e29b394be0b3c73641c25b17b2d40e4e468515a31970e8780ba62af98c014f3a

Detections

Analyzer	Verdict	Alert
VirusTotal	9/59	VirusTotal -

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

ocsp.comodoca.com/

104.18.15.101

471 B

URL
ocsp.comodoca.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
46cbb3715a416b21e0df16d41daa4bcd
74aaef0ee1c0a720c3c47d8b4eeefd1f980ae584
3a395a141ccafd994478c7b9a411bea5aba9d6d75cd2d8a5e59cf237794c5745

HTTP Headers

POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 06:54:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 29 May 2023 16:31:22 GMT
Expires: Mon, 05 Jun 2023 16:31:21 GMT
Etag: "74aaef0ee1c0a720c3c47d8b4eeefd1f980ae584"
Cache-Control: max-age=379589,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d058c33b9cb0b41-OSL

blitzz.com.ar/wp-content/download/File_pass1234.7z

69.46.4.57

200 OK

4.7 MB

URL User Request GET HTTP/2
blitzz.com.ar/wp-content/download/File_pass1234.7z
IP
69.46.4.57:443
ASN
#29802 HVC-AS

Certificate
IssuercPanel, Inc.
Subjectblitzz.com.ar
Fingerprint20:C3:4C:E0:32:C6:9A:11:40:1E:A6:BC:10:AC:39:0A:DF:F4:86:30
ValidityFri, 21 Apr 2023 00:00:00 GMT - Thu, 20 Jul 2023 23:59:59 GMT

File type
7-zip archive data, version 0.4\012- data
Size
4.7 MB (4706419 bytes)
Hash
0d6f6b6bd8f63cb7ea5854d7fb265cb4
74dff26a0cb9477af73b5743ed431f05fbcd35d1
e29b394be0b3c73641c25b17b2d40e4e468515a31970e8780ba62af98c014f3a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed
VirusTotal	9/59	VirusTotal -

HTTP Headers

GET /wp-content/download/File_pass1234.7z HTTP/1.1
Host: blitzz.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:54:51 GMT
content-type: application/x-7z-compressed
content-length: 4706419
x-frame-options: SAMEORIGIN
last-modified: Sat, 27 May 2023 19:06:44 GMT
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (0)

HTTP Transactions (2)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers