Report Overview
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
travya.asia | unknown | 2015-09-14 | 2017-04-28 | 2024-12-30 | 475 B | 101 kB | ![]() |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
travya.asia/xleet.zip
IP
103.233.102.32
ASN
#136107 PT. Tujuh Ion Indonesia
File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
101 kB (100600 bytes)
Hash
edcce5eda9aea4a759198bf1575ebd61
5ced7a3cf58e9e5a9d7fa37fcaf5b30da9930b8c
Archive (4)
Filename | Md5 | File type | ||||||
---|---|---|---|---|---|---|---|---|
favicon.png | 6272e1a29b456ffc3cbed5297ea6787f | PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced | ||||||
index.php | 97f659705fd2d748e643f893027fa917
| PHP script, ASCII text, with very long lines (61819), with no line terminators | ||||||
jquery.min.js | a46fb81762396b7bf2020774a2fb4d9e | JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators | ||||||
style.css | e6b972002bb4d7ac13e82e3ebcc83e42 | ASCII text, with very long lines (65319), with CRLF line terminators |
Detections
Analyzer | Verdict | Alert |
---|---|---|
Public Nextron YARA rules | malware | PHP webshell which directly eval()s obfuscated string |
Public Nextron YARA rules | malware | PHP webshell using some kind of eval with encoded blob to decode |
VirusTotal | malicious |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size | |||||||
---|---|---|---|---|---|---|---|---|---|---|
GET travya.asia/xleet.zip | ![]() | 200 OK | 101 kB | |||||||
Detections
HTTP Headers
| ||||||||||