Report - xfinity-verify.digital-target.xyz/xfinity.zip

Report Overview

Submitted URL
xfinity-verify.digital-target.xyz/xfinity.zip
IP
65.109.109.81
ASN
#24940 Hetzner Online GmbH
Submitted
2024-04-18 08:04:53
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
xfinity-verify.digital-target.xyz	unknown	2023-09-15	2024-04-14	2024-04-14	499 B	348 kB	65.109.109.81

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
xfinity-verify.digital-target.xyz/xfinity.zip
IP
65.109.109.81
ASN
#24940 Hetzner Online GmbH

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
348 kB (347919 bytes)
Hash
36772a31497064360764f3dc075df933
f7117f785278a9c9ee36c17789eafb3cfae74743
a44e89f6dad7a337ee3607ae5bf0cd91491789e110027e94cd5bebfe273001b5

Archive (26)

Modified	Filename	Size	Md5	File type
2023-07-05 19:00	& .css	61 kB	d0fa42369f5d85aa84772f1f92581386	ASCII text, with very long lines (1285)
2023-07-05 19:00	& .ico	7.4 kB	c73967463a039770293765b8f2760e9a	MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 32x32, 8 bits/pixel
2023-07-05 19:00	& .png	174 kB	6f24826f1b29f767c2618e9555e87b64	PNG image data, 727 x 383, 8-bit/color RGBA, non-interlaced
2023-07-05 19:00	&& .css	115 kB	35712316dcd14339dd1d4286a338422c	ASCII text, with very long lines (1888), with CRLF line terminators
2023-07-05 19:00	&&& .css	149 kB	78dc48a5254518d6b2c2c8337c754a17	ASCII text, with very long lines (1897), with CRLF line terminators
2023-07-05 19:00	&. .png	1.6 kB	a2611b86337bdb6787d686e718f8a6a5	PNG image data, 140 x 96, 8-bit/color RGBA, non-interlaced
2023-07-05 19:00	1& .css	54 kB	2d967bd09a9e1a3bdc2217bfb26cfc26	ASCII text, with very long lines (3564), with CRLF line terminators
2023-07-05 19:00	1.png	7.1 kB	9fea8c1e6f75147050df3a0388026c8d	PNG image data, 467 x 44, 8-bit/color RGBA, non-interlaced
2023-07-05 19:00	2& .css	1.5 kB	88ad6a44338af68c00110def59a4f010	HTML document, ASCII text, with CRLF line terminators
2023-07-05 19:00	2.png	3.0 kB	db7a1d4fc4321785236b8eb703e2caf7	PNG image data, 150 x 48, 8-bit/color RGBA, non-interlaced
2023-07-29 23:05	& .php	878 B	0e1601d78d32f4b10a93fea11f3872d3	PHP script, ASCII text
2023-07-29 23:06	&. .php	1.2 kB	5dc6b41332d616783edf7d18eda89c80	PHP script, ASCII text
2023-07-29 23:06	&.. .php	1.2 kB	55830e2b3b623694d1dd824af6a40e4f	PHP script, ASCII text
2023-07-05 19:00	error_log	1.6 kB	20d581ef8f849f48c8183e27408c2612	ASCII text
2023-07-05 19:00	& .js	16 kB	8bc5689008fc243ff782ceb1fe74cec5	JavaScript source, Unicode text, UTF-8 text, with very long lines (386), with CRLF line terminators
2023-07-05 19:00	&. .js	15 kB	5e152bb2a314ea5645c748e1d6946629	JavaScript source, ASCII text, with very long lines (386)
2023-07-05 19:00	&1 .js	123 kB	92a0dd59317e09f7a124ab7f304ae9a9	JavaScript source, ASCII text, with very long lines (1007)
2023-07-05 19:00	&2 .js	3.7 kB	ad418e8e27adb34f4c9935699c3de15d	JavaScript source, ASCII text, with CRLF line terminators
2023-07-05 19:00	&3 .js	118 kB	790dbe31a16bc5c61c8270ffa7d5ee31	JavaScript source, ASCII text, with very long lines (510), with CRLF line terminators
2023-07-05 19:00	Billing-Online.html	13 kB	46d7bc05d44ac0bdd76a316fc111ff46	HTML document, ASCII text, with very long lines (1145)
2023-07-05 19:00	Billing_Pay_Online.html	13 kB	ae9089de3e20f5ed714f9dcbf8339901	HTML document, ASCII text, with very long lines (1145)
2023-07-05 19:00	index.html	5.3 kB	ea20e1c92d1bf940c31cfd748bd0f5dd	HTML document, ASCII text, with very long lines (599)
2023-07-05 19:00	Process.php	1.2 kB	aee898998ece0f0d9cdc47ad7fa7503b	HTML document, ASCII text
2023-07-05 19:00	Processig.php	1.2 kB	b58f8956a0353de508b8832b1cc095c9	HTML document, ASCII text
2023-07-05 19:00	Processs.php	1.2 kB	41e97995cf1665280e1780c95a9dee8c	HTML document, ASCII text
2023-07-05 19:00	Thanks.HTML	3.5 kB	5b8c318837a6a7fe2b67ac3e318b5483	HTML document, ASCII text, with very long lines (1145)

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 15/61

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

xfinity-verify.digital-target.xyz/xfinity.zip

65.109.109.81

200 OK

348 kB

URL User Request GET HTTP/1.1
xfinity-verify.digital-target.xyz/xfinity.zip
IP
65.109.109.81:443
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerLet's Encrypt
Subjectwww.xfinity-verify.digital-target.xyz
Fingerprint88:A8:B8:DE:EC:65:45:75:87:B0:13:72:83:65:7A:BC:34:F3:92:24
ValiditySat, 13 Apr 2024 22:53:07 GMT - Fri, 12 Jul 2024 22:53:06 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
348 kB (347919 bytes)
Hash
36772a31497064360764f3dc075df933
f7117f785278a9c9ee36c17789eafb3cfae74743
a44e89f6dad7a337ee3607ae5bf0cd91491789e110027e94cd5bebfe273001b5

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 15/61

HTTP Headers

GET /xfinity.zip HTTP/1.1
Host: xfinity-verify.digital-target.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 08:04:27 GMT
Server: Apache
Last-Modified: Sat, 13 Apr 2024 23:06:13 GMT
Accept-Ranges: bytes
Content-Length: 347919
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/zip

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (26)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers