Report - nsw-plumbing.com.au/Darrell/%21@%23$%25%5E&%2A%28%29outlooksharedfile.zip

Report Overview

Submitted URL
nsw-plumbing.com.au/Darrell/%21@%23$%25%5E&%2A%28%29outlooksharedfile.zip
IP
103.20.202.177
ASN
#38719 Dreamscape Networks Limited
Submitted
2024-04-26 08:29:57
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
nsw-plumbing.com.au	unknown	unknown	2017-07-05	2024-03-25	527 B	1.4 MB	103.20.202.177

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
nsw-plumbing.com.au/Darrell/%21@%23$%25%5E&%2A%28%29outlooksharedfile.zip
IP
103.20.202.177
ASN
#38719 Dreamscape Networks Limited

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
1.4 MB (1386690 bytes)
Hash
dcf1402bb6c1cfe8eac2262721f906f3
48c4f93873cf3cb52ee4d66fb74cf5d7a63aaf53
d0a5a58b1edf3907f5c20cceedd24a3278e86c27acd370e4e01896954069ac1b

Archive (7)

Modified	Filename	Size	Md5	File type
2021-03-09 10:16	error_log	900 B	4c6f56860eef8c9c531efad5a52a6620	ASCII text
2021-03-09 10:25	a1zn.php	908 B	6954301e936d4676a5e91f32ffa03585	PHP script, ASCII text, with CRLF line terminators
2021-03-09 10:24	iomail.php	42 B	70c5b07bde1a057302a1399b715ab68c	PHP script, ASCII text
2021-03-09 10:23	One_Drive_File.htm	655 kB	ebf8db6cae5618349a06b58ac889240c	HTML document, ASCII text, with very long lines (35812)
2021-03-11 12:30	second.php	904 B	ad590ca696efe099edcd8a1c09e28630	PHP script, ASCII text, with CRLF line terminators
2021-03-09 10:22	One_Drive_Shared_File_2.htm	655 kB	d95a389eb285e5ddcaf9dc4c8c998827	HTML document, ASCII text, with very long lines (35812)
2021-03-11 12:29	Sales Quote DO51436.pdf	662 kB	9d188945ef4404da57b61b7e34ad9838	PDF document, version 1.7, 8 pages

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 3/56

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

nsw-plumbing.com.au/Darrell/%21@%23$%25%5E&%2A%28%29outlooksharedfile.zip

103.20.202.177

200 OK

1.4 MB

URL User Request GET HTTP/2
nsw-plumbing.com.au/Darrell/%21@%23$%25%5E&%2A%28%29outlooksharedfile.zip
IP
103.20.202.177:443
ASN
#38719 Dreamscape Networks Limited

Certificate
IssuerLet's Encrypt
Subjectcpanel.nsw-plumbing.com.au
Fingerprint92:4B:62:69:F6:42:54:B5:31:1A:62:5A:B4:93:F2:9A:16:24:9E:41
ValidityFri, 08 Mar 2024 08:21:43 GMT - Thu, 06 Jun 2024 08:21:42 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
1.4 MB (1386690 bytes)
Hash
dcf1402bb6c1cfe8eac2262721f906f3
48c4f93873cf3cb52ee4d66fb74cf5d7a63aaf53
d0a5a58b1edf3907f5c20cceedd24a3278e86c27acd370e4e01896954069ac1b

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 3/56

HTTP Headers

GET /Darrell/%21@%23$%25%5E&%2A%28%29outlooksharedfile.zip HTTP/1.1
Host: nsw-plumbing.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 08:29:32 GMT
content-type: application/zip
content-length: 1386690
last-modified: Wed, 13 Mar 2024 08:57:50 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (7)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers