Report Overview

  1. Visited public
    2025-01-06 06:44:02
  2. URL

    travya.asia/xleet.zip

  3. Finishing URL

    about:privatebrowsing

  4. IP / ASN

    103.233.102.32

    #136107 PT. Tujuh Ion Indonesia

  5. Title

    about:privatebrowsing

Detections

  urlquery: 0
  Network Intrusion Detection: 0
  Threat Detection Systems: 3

Domain Summary

| Domain / FQDN | Rank | Registered | First Seen | Last Seen |
| --- | --- | --- | --- | --- |
| travya.asia | unknown | 2015-09-14 | 2017-04-28 | 2024-12-30 |

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    travya.asia/xleet.zip

  2. IP

    103.233.102.32

  3. ASN

    #136107 PT. Tujuh Ion Indonesia

  4. File type

    Zip archive data, at least v1.0 to extract, compression method=store

  5. Size

    101 kB (100600 bytes)

  6. Hash

    edcce5eda9aea4a759198bf1575ebd61

    5ced7a3cf58e9e5a9d7fa37fcaf5b30da9930b8c

  Archive (4)

  | Filename | Md5 | File type |
  | --- | --- | --- |
  | favicon.png | 6272e1a29b456ffc3cbed5297ea6787f | PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced |
  | index.php | 97f659705fd2d748e643f893027fa917 | PHP script, ASCII text, with very long lines (61819), with no line terminators |
  | jquery.min.js | a46fb81762396b7bf2020774a2fb4d9e | JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators |
  | style.css | e6b972002bb4d7ac13e82e3ebcc83e42 | ASCII text, with very long lines (65319), with CRLF line terminators |

  Detections

  | Analyzer | Verdict | Alert |
  | --- | --- | --- |
  | Public Nextron YARA rules | malware | PHP webshell which directly eval()s obfuscated string |
  | Public Nextron YARA rules | malware | PHP webshell using some kind of eval with encoded blob to decode |
  | VirusTotal | malicious | |

JavaScript (0)

HTTP Transactions (1)

| URL | IP | Response | Size |
| --- | --- | --- | --- |
| GET travya.asia/xleet.zip | 103.233.102.32 | 200 OK | 101 kB |