Report Overview
Submitted URL
producenz.com/010USA7USPS.zip
IP
185.184.154.17
ASN
#38719 Dreamscape Networks Limited
Submitted
2024-04-26 04:15:16
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
producenz.com | unknown | 2012-01-04 | 2019-02-01 | 2024-03-23 | 483 B | 451 kB | 185.184.154.17 |
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2024-04-26 | medium | producenz.com/010USA7USPS.zip | Phishing Kit impersonating USPS |
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
producenz.com/010USA7USPS.zip
IP
185.184.154.17
ASN
#38719 Dreamscape Networks Limited
File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
451 kB (450910 bytes)
Hash
dcf484ca1aa3ce67a99dca7671803ccd
80d381dfaca7ed8100aa8366363194cb1916a1a7
Archive (83)
Filename | Md5 | File type |
---|---|---|
.htaccess | 77785d646e0d2118dded4a7927f91d55 | ASCII text, with CRLF line terminators |
1.php | 83eed4e0075e7ad6211e0e460eeb3843 | PHP script, Unicode text, UTF-8 text |
1.php.bak | b79b8393ce511396b038aded518486ae | PHP script, Unicode text, UTF-8 text |
2.php | d833a195119d4af7dfdf528641bd0eb1 | PHP script, Unicode text, UTF-8 text |
2.php.bak | 5cc02910eb560738be3c9a831f59e130 | PHP script, Unicode text, UTF-8 text |
anti1.php | d1e96bfaf9f96839bd166a9c4c7c79ae | PHP script, ASCII text, with very long lines (1306), with CRLF line terminators |
anti2.php | ef66f2709aa2b68bb45cbf5b7837063d | PHP script, ASCII text, with very long lines (1604), with no line terminators |
anti3.php | ea346b11acbcfcf48a52f05211b506e9 | PHP script, ASCII text, with very long lines (4162), with no line terminators |
anti4.php | c651311f855d5aa682a65385d411a294 | PHP script, ASCII text, with very long lines (7526), with no line terminators |
anti5.php | 0b0239b0d3aadcfec877e84c6eb3350e | PHP script, ASCII text, with very long lines (5935), with no line terminators |
anti6.php | bccb29cfcad7540389ff4b1200555765 | PHP script, ASCII text, with very long lines (2668) |
anti7.php | 1ff42854e8fc9f66238c85ddefd15052 | PHP script, ASCII text, with very long lines (2915), with CRLF line terminators |
anti8.php | f93633191650238ef758192211e4c5d0 | PHP script, ASCII text, with CRLF line terminators |
antibots.php | 1a952fa842eb24e78e423103fd4461fd | PHP script, ASCII text, with very long lines (1302), with CRLF line terminators |
ARDUINO_DAS_VISIT.txt | 603e594810c09a68e4ad1e0a6ea14727 | ASCII text |
anti1.php | 22edc5a16c1bc2db9cd7d1e269317740 | PHP script, ASCII text, with very long lines (1267), with CRLF line terminators |
anti2.php | 85bd959f96fc6754f21f90faa4d0977c | PHP script, ASCII text, with very long lines (1626), with CRLF line terminators |
anti3.php | 9d53d9daa6868d504ed39f659e9cb426 | PHP script, ASCII text, with very long lines (4182), with CRLF line terminators |
anti4.php | 3f6552039038e80cb11a7c7932e4dd67 | PHP script, ASCII text, with very long lines (7559), with CRLF line terminators |
anti5.php | 907bd093ae0774bab1df32e1e82a7001 | PHP script, ASCII text, with very long lines (5981), with CRLF line terminators |
anti6.php | 27d3e31b677ba31fe6da1a63b219c9a8 | PHP script, ASCII text, with very long lines (2668) |
anti7.php | 42671d1951a2b8b9d543eacd7dc61ae0 | PHP script, ASCII text, with very long lines (2915), with CRLF line terminators |
anti8.php | d389d3f248e4e50d8d2c792a9ab526b3 | PHP script, ASCII text, with CRLF line terminators |
coder.txt | f8d46d1ac4a167a2d41e5051cf4fcd85 | Unicode text, UTF-8 text |
index.php | 1d6ac09c74c78728fd2b609f2a48a6e9 | PHP script, ASCII text, with CRLF line terminators |
new-bots.php | a82bcc27f17f586ae18aec8af2426689 | PHP script, ASCII text, with very long lines (3218), with CRLF line terminators |
proxy.php | 9e133323b0a2da16dc5cc92057b0cf9a | PHP script, ASCII text, with CRLF line terminators |
blocker.php | 52ab040c0ebd2739a9f595d5b369cf54 | PHP script, ASCII text, with very long lines (1302) |
.htaccess | d72267ffa81b3a6bc2218b70b436a4d0 | ASCII text, with CRLF line terminators |
anti1.php | 168ff56397bb4727d7fae1764078ae00 | PHP script, ASCII text, with very long lines (1306), with CRLF line terminators |
anti2.php | b96feb6218af926103d19a0e695c6e12 | PHP script, ASCII text, with very long lines (1604), with no line terminators |
anti3.php | a2f8c87f0ba3b5dd1ed0265ea1046e84 | PHP script, ASCII text, with very long lines (4162), with no line terminators |
anti4.php | c90c15e0945025cd8ae58781495c1179 | PHP script, ASCII text, with very long lines (7526), with no line terminators |
anti5.php | 06d05df3aa8eac42392241f5987254b7 | PHP script, ASCII text, with very long lines (5935), with no line terminators |
anti6.php | 7cd288031836d11aaf261fb863b7bbd9 | PHP script, ASCII text, with very long lines (2668) |
anti7.php | 0e6385e285a4ec20298c3f13c13a088e | PHP script, ASCII text, with very long lines (2915), with CRLF line terminators |
anti8.php | ed892c16a5c9728d1cae4af39b5def0e | PHP script, ASCII text, with CRLF line terminators |
index.php | 4dfbd6ea10cb655ee7b626ae0989387e | PHP script, ASCII text, with CRLF line terminators |
.htaccess | d72267ffa81b3a6bc2218b70b436a4d0 | ASCII text, with CRLF line terminators |
anti1.php | 168ff56397bb4727d7fae1764078ae00 | PHP script, ASCII text, with very long lines (1306), with CRLF line terminators |
anti2.php | b96feb6218af926103d19a0e695c6e12 | PHP script, ASCII text, with very long lines (1604), with no line terminators |
anti3.php | a2f8c87f0ba3b5dd1ed0265ea1046e84 | PHP script, ASCII text, with very long lines (4162), with no line terminators |
anti4.php | c90c15e0945025cd8ae58781495c1179 | PHP script, ASCII text, with very long lines (7526), with no line terminators |
anti5.php | 06d05df3aa8eac42392241f5987254b7 | PHP script, ASCII text, with very long lines (5935), with no line terminators |
index.php | 4dfbd6ea10cb655ee7b626ae0989387e | PHP script, ASCII text, with CRLF line terminators |
email.php | 1f02b0b4e6c363905c3085408f62e27f | PHP script, ASCII text |
email.php.bak | 0e5f7349bc7ad9b7fc4d347e3e8d07bf | PHP script, ASCII text |
fethi.php | 3e6988ffc9ebd0014e9bfd635ceecd11 | PHP script, ASCII text, with very long lines (783), with CRLF line terminators |
id.php | b356f64144536d4929bf4274afc5a9b4 | PHP script, ASCII text |
id.php.bak | 4ac6f4fb6d184b06adf94d9e44e00fb7 | PHP script, ASCII text |
index.php | af6607459cccaaf59546b74b6f03b5ce | PHP script, ASCII text |
index1.php | 796b567099de3a965bbe376c9b8332f2 | PHP script, Unicode text, UTF-8 text, with very long lines (682), with CRLF line terminators |
index1.php.bak | 5dad0ff6d7e69cbc61b16e8491e40941 | PHP script, Unicode text, UTF-8 text, with very long lines (682), with CRLF line terminators |
index3.php | 2548218e16e27708047816de74d8bd62 | HTML document, Unicode text, UTF-8 text, with very long lines (517) |
index4.php | d00d2a6542dacce2be5d0bc5d30cbcd2 | PHP script, Unicode text, UTF-8 text, with very long lines (517) |
index4.php.bak | 12616f8e8f984d1e1ca12b0c7ae6e564 | PHP script, Unicode text, UTF-8 text, with very long lines (517) |
index5.php | 920497835f7f1429be8102123d2913dd | PHP script, Unicode text, UTF-8 text, with very long lines (517) |
index5.php.bak | e76340b53596d3eb6cf6376ca79b176c | PHP script, Unicode text, UTF-8 text, with very long lines (517) |
index6.php | 114a33cf757a5cc3fb4f0675834b6323 | PHP script, Unicode text, UTF-8 text, with very long lines (517) |
index6.php.bak | ba627121d44a9fb958357f5dc9d670f8 | PHP script, Unicode text, UTF-8 text, with very long lines (517) |
index9.htm | 861cadfba903be178637d39f493e3252 | HTML document, Unicode text, UTF-8 text, with very long lines (13898), with CRLF line terminators |
analytics.js | d4a5ebac229b3070290629728c7ffcb9 | JavaScript source, ASCII text, with very long lines (37722) |
datepicker3.css | 3bf45d3f5706eeeac62da6ba8d1848c2 | ASCII text |
jquery-ui.css | 59cb328e003f6fe1a0c7cfba2dc05145 | ASCII text |
jquery.js | 397754ba49e9e0cf4e7c190da78dda05 | JavaScript source, ASCII text, with very long lines (32089) |
main.css | 830cc30d00d01e1c0f821ae39f77d3db | ASCII text |
schedule-redelivery.css | 07dbfaf676f8a9ed7483fd4dfd359fc6 | ASCII text |
tracking-cross-sell.css | c3120a732b51c3925a4e5db0e9966410 | ASCII text |
indexadress.php | 72fc537709501f32a8385a93cc769bdc | PHP script, Unicode text, UTF-8 text, with very long lines (1060), with CRLF line terminators |
indexadress.php.bak | ffe8d2c485e46e0c257d7b1f1d549dea | PHP script, Unicode text, UTF-8 text, with very long lines (1060), with CRLF line terminators |
indexerrore.htm | 0271ef17b69ec3dcdede00d840cc9333 | HTML document, Unicode text, UTF-8 text, with very long lines (13898), with CRLF line terminators |
indexinfomessage.php | de701bdf9b2be7c198ae17269656b6aa | PHP script, Unicode text, UTF-8 text, with very long lines (1079), with CRLF line terminators |
indexx.php | 1c75e9ab2c4c67346316cb780ce692d0 | PHP script, ASCII text, with CRLF line terminators |
logo-sb.svg | 0418f7120dc6cdd1d7aa0f8219ec9af2 | SVG Scalable Vector Graphics image |
main.css | bea4b77c33ea59e0043c68ea1bcb7514 | ASCII text, with very long lines (8795), with no line terminators |
main2.css | 775928448f1c38a1f5b55ab2c6593967 | ASCII text, with very long lines (49556), with CRLF line terminators |
robots.txt | 6c4e407c3a02a9376884f4b73f6a6936 | ASCII text |
rzlt.txt | d41d8cd98f00b204e9800998ecf8427e | |
sex.php | a4a2fc1077de070b35910adca6510f1e | PHP script, ASCII text, with very long lines (2106), with CRLF line terminators |
ssssssssss.txt | d41d8cd98f00b204e9800998ecf8427e | |
thanks.php | 9c2c309d8dff81423d48edd6b378ce22 | HTML document, Unicode text, UTF-8 text, with very long lines (517) |
view.txt | 689c52825a5c1eb9c28efb4763426d30 | ASCII text |
xxxxs.txt | d41d8cd98f00b204e9800998ecf8427e | |
Detections
Analyzer | Verdict | Alert |
---|---|---|
Phishing Kit YARA rules | phishing | Phishing Kit impersonating USPS |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size |
---|---|---|---|
producenz.com/010USA7USPS.zip | 185.184.154.17 | 200 OK | 451 kB |