Report - www.ooovtu.ru/Files/Arenda/30/Shablon301003.zip

Report Overview

URL

www.ooovtu.ru/Files/Arenda/30/Shablon301003.zip
IP

195.24.68.21

ASN

#48287 Jsc ru-center
Submitted

2023-09-19T05:22:09Z

Access

public
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

1
Threat Detection Systems

0

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
www.ooovtu.ru (1)	unknown	2012-07-08 01:43:00	2023-07-20 08:35:33	419	535731	195.24.68.21

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-19T05:21:51Z	medium	195.24.68.21	Client IP	ET INFO TLS Handshake Failure

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL

www.ooovtu.ru/Files/Arenda/30/Shablon301003.zip
IP

195.24.68.21
ASN

#48287 Jsc ru-center

File type

Zip archive data, at least v2.0 to extract, compression method=deflate\012- data

Size

535487
Hash

ec86bd20054b56aeaeec9b0dbb193058

a626114683cea5a75e3a2fca0e76f1468e708a1a

a234e3085b341935fae6b432e111a95f208f66a1de11d23b967f8b9dec1c8575

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/64

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

www.ooovtu.ru/Files/Arenda/30/Shablon301003.zip

195.24.68.21

200 OK

535487

URL User Request GET HTTP/1.1

www.ooovtu.ru/Files/Arenda/30/Shablon301003.zip
IP

195.24.68.21:80
ASN

#48287 Jsc ru-center

Magic

Zip archive data, at least v2.0 to extract, compression method=deflate\012- data

Size

535487
Hash

ec86bd20054b56aeaeec9b0dbb193058

a626114683cea5a75e3a2fca0e76f1468e708a1a

a234e3085b341935fae6b432e111a95f208f66a1de11d23b967f8b9dec1c8575

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/64

HTTP Headers

                                        GET /Files/Arenda/30/Shablon301003.zip HTTP/1.1
Host: www.ooovtu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: openresty
Date: Tue, 19 Sep 2023 05:21:51 GMT
Content-Type: application/zip
Content-Length: 535487
Connection: keep-alive
Last-Modified: Fri, 23 Jul 2010 12:06:03 GMT
ETag: "4c4985ab-82bbf"
Accept-Ranges: bytes

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Magic

Size

Hash

Detections

HTTP Headers