Report - api.ul-renewables.com/index.php/content/file/GIS-Data-Sample.zip

Report Overview

Submitted URL
api.ul-renewables.com/index.php/content/file/GIS-Data-Sample.zip
IP
173.233.79.142
ASN
#40244 TURNKEY-INTERNET
Submitted
2024-03-29 08:37:31
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
api.ul-renewables.com	unknown	2019-05-08	2023-02-12	2023-12-04	518 B	2.7 MB	173.233.79.142

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
api.ul-renewables.com/index.php/content/file/GIS-Data-Sample.zip
IP
173.233.79.142
ASN
#40244 TURNKEY-INTERNET

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
2.7 MB (2742033 bytes)
Hash
1060694bdeafa7f61bbf57f68ed85976
c6e9293c1b90eaf7962accddb361348204b3f3c0
1dd5f6a2ba9fafa7f4631e62b973cfe26b05cea0d746b9f6ce4b369a3501508d

Archive (29)

Modified	Filename	Size	Md5	File type
2014-05-14 15:01	GISDataGrapher.exe	4.8 MB	b4e96dd532bc0cf9995b106acf2af10c	PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections
2014-05-14 15:01	awsMap_59888_30m_.pdf	1.1 MB	4f8d1cf1ba447c4f1e7a1b641c9ee2bd	PDF document, version 1.7, 1 pages
2014-05-14 15:03	distribution.dbf	108 kB	ed36af090ccab84fd2b0dbd889d1fe91	FoxBase+/dBase III DBF, 48 records * 2241, update-date 95-7-26, codepage ID=0x57, at offset 929 1st record " -75.6603 43.7193 "
2014-05-14 15:03	distribution.shp	1.4 kB	1b7aaf209bc802386bf9ed48ba87a7be	ESRI Shapefile version 1000 length 722 type Point
2014-05-14 15:03	distribution.shx	484 B	66dc9afdeb256d061e14bdc456097896	ESRI Shapefile version 1000 length 242 type Point
2014-05-14 15:05	diurnal.dbf	108 kB	33a03c6204a301a28fd2eccef60e672d	FoxBase+/dBase III DBF, 48 records * 2241, update-date 95-7-26, codepage ID=0x57, at offset 929 1st record " -75.6603 43.7193 "
2014-05-14 15:05	diurnal.shp	1.4 kB	1b7aaf209bc802386bf9ed48ba87a7be	ESRI Shapefile version 1000 length 722 type Point
2014-05-14 15:05	diurnal.shx	484 B	66dc9afdeb256d061e14bdc456097896	ESRI Shapefile version 1000 length 242 type Point
2014-05-14 14:57	elev.tfw	82 B	2a0fe371473b6941d8303c47f01cb022	ASCII text
2014-05-14 14:57	elev.tif	19 kB	4b859a1d0f345308d47aba8354c1c2a4	TIFF image data, little-endian, direntries=17, height=58, bps=32, compression=none, PhotometricInterpretation=BlackIsZero, width=79
2014-05-14 15:01	elev.txt	18 kB	752a4c2f4fa570780a84ec88de90f69b	FGDC ASCII metadata
2014-05-14 15:07	monthly.dbf	62 kB	1ce79fca6e13c36eedd9f8a661b7e217	FoxBase+/dBase III DBF, 48 records * 1281, update-date 95-7-26, codepage ID=0x57, at offset 545 1st record " -75.6603 43.7193 "
2014-05-14 15:07	monthly.shp	1.4 kB	1b7aaf209bc802386bf9ed48ba87a7be	ESRI Shapefile version 1000 length 722 type Point
2014-05-14 15:07	monthly.shx	484 B	66dc9afdeb256d061e14bdc456097896	ESRI Shapefile version 1000 length 242 type Point
2014-05-14 15:09	rose.dbf	201 kB	7993967e386cab2e644ad3f1d8d9a6fa	FoxBase+/dBase III DBF, 48 records * 4161, update-date 95-7-26, codepage ID=0x57, at offset 1697 1st record " -75.6603 43.7193 "
2014-05-14 15:09	rose.shp	1.4 kB	1b7aaf209bc802386bf9ed48ba87a7be	ESRI Shapefile version 1000 length 722 type Point
2014-05-14 15:09	rose.shx	484 B	66dc9afdeb256d061e14bdc456097896	ESRI Shapefile version 1000 length 242 type Point
2014-05-14 14:57	rough.tfw	82 B	2a0fe371473b6941d8303c47f01cb022	ASCII text
2014-05-14 14:57	rough.tif	19 kB	de03d55841a49dfbd68f718d1e98cdd0	TIFF image data, little-endian, direntries=17, height=58, bps=32, compression=none, PhotometricInterpretation=BlackIsZero, width=79
2014-05-14 15:01	roughness.txt	7.1 kB	444ab6444edcee69757a4bfde6ae0db5	FGDC ASCII metadata
2014-05-14 14:57	spd100m.tfw	82 B	2a0fe371473b6941d8303c47f01cb022	ASCII text
2014-05-14 14:57	spd100m.tif	19 kB	3f584a3cc4a6533d70259f75e587f450	TIFF image data, little-endian, direntries=17, height=58, bps=32, compression=none, PhotometricInterpretation=BlackIsZero, width=79
2014-05-14 14:57	spd30m.tfw	82 B	2a0fe371473b6941d8303c47f01cb022	ASCII text
2014-05-14 14:57	spd30m.tif	19 kB	97f8f0a93716e8b057b9305052bd9967	TIFF image data, little-endian, direntries=17, height=58, bps=32, compression=none, PhotometricInterpretation=BlackIsZero, width=79
2014-05-14 14:57	spd60m.tfw	82 B	2a0fe371473b6941d8303c47f01cb022	ASCII text
2014-05-14 14:57	spd60m.tif	19 kB	7c6f8bcc3c03287fd414df804e274bce	TIFF image data, little-endian, direntries=17, height=58, bps=32, compression=none, PhotometricInterpretation=BlackIsZero, width=79
2014-05-14 14:57	spd80m.tfw	82 B	2a0fe371473b6941d8303c47f01cb022	ASCII text
2014-05-14 14:57	spd80m.tif	19 kB	f73b1ea756e1c878df92a105c74aee11	TIFF image data, little-endian, direntries=17, height=58, bps=32, compression=none, PhotometricInterpretation=BlackIsZero, width=79
2014-05-14 15:01	speed.txt	9.6 kB	edb4fdc7ac7142b59930ade29f4489ee	FGDC ASCII metadata

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/65

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

api.ul-renewables.com/index.php/content/file/GIS-Data-Sample.zip

173.233.79.142

200 OK

2.7 MB

URL User Request GET HTTP/1.1
api.ul-renewables.com/index.php/content/file/GIS-Data-Sample.zip
IP
173.233.79.142:443
ASN
#40244 TURNKEY-INTERNET

Certificate
IssuerGoDaddy.com, Inc.
Subject*.ul-renewables.com
FingerprintB8:E0:DA:14:BD:77:0B:51:EF:0F:15:87:5A:82:50:40:A4:AC:5E:B8
ValidityTue, 20 Jun 2023 19:43:13 GMT - Sun, 21 Jul 2024 19:43:13 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
2.7 MB (2742033 bytes)
Hash
1060694bdeafa7f61bbf57f68ed85976
c6e9293c1b90eaf7962accddb361348204b3f3c0
1dd5f6a2ba9fafa7f4631e62b973cfe26b05cea0d746b9f6ce4b369a3501508d

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/65

HTTP Headers

GET /index.php/content/file/GIS-Data-Sample.zip HTTP/1.1
Host: api.ul-renewables.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 08:37:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_qos/11.70 PHP/7.1.33
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Powered-By: PHP/7.1.33
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Fri, 29 Mar 2024 08:37:04 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 2742033
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: "application/zip"

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (29)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers