Report - deedwerx.zip

Report Overview

Visited public
2024-12-31 00:21:09
Tags
Submit Tags
URL
deedwerx.zip
Finishing URL
about:privatebrowsing
IP / ASN
162.255.119.81
#22612 NAMECHEAP-NET
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.deedwerx.com	unknown	2017-11-30	2020-05-01	2024-04-15	614 B	19 kB	50.112.32.78
deedwerx.zip	unknown	2023-05-18	2024-12-31	2024-12-31	263 B	285 B	162.255.119.81

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-12-31 00:20:47	low	Client IP	162.255.119.81	ET INFO HTTP Request to a *.zip Domain
2024-12-31 00:20:57	low	162.255.119.81	Client IP	ET INFO Namecheap URL Forward

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (3)

URL IP Response Size

GET deedwerx.zip/

162.255.119.81

302 Found

47 B

URL User Request GET
deedwerx.zip/
IP
162.255.119.81:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text
Size
47 B (47 bytes)
Hash
f6825c4f88c6d33500c6989eecf43c9f
5f8d308051512b009d55432178c537850bff97f2
2dfb45ca690cfeb0645ff5fe0a6bcbb5c650254eb30fcbec093b8667e55eb941

Detections

NIDS	Severity	Alert
suricata	low	ET INFO HTTP Request to a *.zip Domain
suricata	low	ET INFO Namecheap URL Forward

HTTP Headers

GET / HTTP/1.1
Host: deedwerx.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 31 Dec 2024 00:20:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 47
Connection: keep-alive
Location: http://www.deedwerx.com/
X-Served-By: Namecheap URL Forward
Server: namecheap-nginx

www.deedwerx.com/

50.112.32.78

301 Moved Permanently

315 B

URL
www.deedwerx.com/
IP
50.112.32.78:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text
Size
315 B (315 bytes)
Hash
847b4f8df3b69f76b9fa9a98ea43769b
992c19ca02b468aa9828184cab98f0a6ca4bedec
8a7154c17f0fef36dc2458304941f4c50db457595440a55fde3ba9a673471fc9

HTTP Headers

GET / HTTP/1.1
Host: www.deedwerx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Tue, 31 Dec 2024 00:20:47 GMT
Server: Apache/2.4.57 (Ubuntu)
X-Frame-Options: DENY
Location: https://www.deedwerx.com/
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.deedwerx.com/

50.112.32.78

200 OK

18 kB

URL
www.deedwerx.com/
IP
50.112.32.78:0
ASN
#16509 AMAZON-02

File type
gzip compressed data, from Unix
Size
18 kB (18014 bytes)
Hash
91d60c4271421f6bc5595a263236a3fb
3948434b6e2f748e7e94b047f86d53cc42cd4cb6
b482af5631f8d19d79a6c80b1a284e2903fa03aa558250fba758a8a0884760a4

HTTP Headers

GET / HTTP/1.1
Host: www.deedwerx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Dec 2024 00:20:48 GMT
Server: Apache/2.4.57 (Ubuntu)
X-Frame-Options: DENY
Set-Cookie: PHPSESSID=i78cos1eq15g2f7vdb7ljgmfi3; path=/; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 12165
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (3)

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers