Report - technoexponent.net/virtual

Report Overview

Visited public
2025-05-13 22:17:58
Tags
Submit Tags
URL
technoexponent.net/virtual_trion.zip
Finishing URL
about:privatebrowsing
IP / ASN
103.211.217.34
#394695 PUBLIC-DOMAIN-REGISTRY
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
technoexponent.net	unknown	2015-02-16	2015-11-22	2025-05-13	504 B	3.8 MB	103.211.217.34

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-05-13 22:17:28	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2025-05-13 22:17:38	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2025-05-13 22:17:52	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2025-05-13 22:17:55	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
technoexponent.net/virtual_trion.zip
IP
103.211.217.34
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
3.8 MB (3813939 bytes)
Hash
02598ab9acb2abeb1b308f76b5fddf15
df77b33b659e981ff3e42680b176e94fa66b4c88
155252ef04b54a0d7a932c107cb560b4110670eb9664de52b846947d4eb2bfd8

Archive (54)

Modified	Filename	Size	Md5	File type
2024-02-14 18:31	womask.png	8.3 kB	4ef99fc4a30c361cde8ff1d80f6d7c1f	PNG image data, 337 x 337, 8-bit/color RGBA, non-interlaced
2024-02-20 14:52	omanv3.png	80 kB	7914c5330141652c9b467edc2e082933	PNG image data, 337 x 337, 8-bit/color RGBA, non-interlaced
2024-02-23 07:10	tempsq.png	246 kB	02744e511763392cd7542c367d300dc6	PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced
2024-02-20 14:44	omanv3 - Copy.png	80 kB	e9cfcc31db267fe83782ebd4071e595e	PNG image data, 337 x 337, 8-bit/color RGBA, non-interlaced
2024-02-14 16:28	wfullmask.png	9.1 kB	6dea4bc06d44ec7de988185501db3df6	PNG image data, 337 x 337, 8-bit/color RGBA, non-interlaced
2024-02-10 00:06	mask1.png	38 kB	0ae6454589f1d6782649e5cf83adc983	PNG image data, 337 x 337, 8-bit/color RGBA, non-interlaced
2024-02-10 00:06	lowmask.png	36 kB	65777d4b8089a257cc0aabee1f62f6db	PNG image data, 337 x 337, 8-bit/color RGBA, non-interlaced
2024-02-14 18:27	tmask.png	34 kB	0e3bc2fd486b9e7e5e8c062137ca80f6	PNG image data, 337 x 337, 8-bit/color RGBA, non-interlaced
2024-02-14 16:28	wmask1.png	32 kB	cc38ea9cc061810002884cc8ce040ea9	PNG image data, 337 x 337, 8-bit/color RGBA, non-interlaced
2024-02-28 19:25	temp.jpg	54 kB	bee8aeddfa331ebd762233664b6f281a	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 512x400, components 3
2024-02-14 18:28	wtmask.png	26 kB	1ec804d85aaefdf5553b1ed8735859ca	PNG image data, 337 x 337, 8-bit/color RGBA, non-interlaced
2024-02-20 14:26	manv2.png	115 kB	8f414db6b14f43efdf35c7db584679a4	PNG image data, 337 x 337, 8-bit/color RGBA, non-interlaced
2024-02-10 00:05	man.png	49 kB	03daab8037d9552e026f61dc9c718dee	PNG image data, 337 x 337, 8-bit/color RGBA, non-interlaced
2024-02-23 07:10	mask.png	226 kB	8a5fbd13ddf7015b3ef6566fd9d5bcf3	PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
2024-02-10 00:07	cmask.png	44 kB	52eb7a1ac33fc63fa006ba150c0b5ad9	PNG image data, 337 x 337, 8-bit/color RGBA, non-interlaced
2024-02-14 16:28	wlowmask.png	24 kB	b60b8c82cdee82615d8d3c87eeea70e2	PNG image data, 337 x 337, 8-bit/color RGBA, non-interlaced
2024-02-10 00:09	manmask.png	6.1 kB	0fe6e5e32ddd617634ca21f4dde6495a	PNG image data, 337 x 337, 8-bit/color RGBA, non-interlaced
2024-02-10 00:30	lowmaskv2.png	32 kB	24abc7598c7934d9acc383abb060de25	PNG image data, 337 x 337, 8-bit/color RGBA, non-interlaced
2024-02-19 19:27	omanv2.png	21 kB	adae9ab44446c475808afe7c7de01b82	PNG image data, 337 x 337, 8-bit/color RGBA, non-interlaced
2024-02-14 16:27	wman.png	39 kB	cb0a7e6647d92b3599041e0c11199d20	PNG image data, 337 x 337, 8-bit/color RGBA, non-interlaced
2024-02-10 00:05	cman.png	49 kB	03daab8037d9552e026f61dc9c718dee	PNG image data, 337 x 337, 8-bit/color RGBA, non-interlaced
2024-02-10 00:07	fullmask.png	14 kB	4bc6da98ccc396c4c2c33ef4b69fa2f0	PNG image data, 337 x 337, 8-bit/color RGBA, non-interlaced
2024-02-14 16:28	wcmask.png	34 kB	3b19fe85e64e6b3cc8cb051ab8be381c	PNG image data, 337 x 337, 8-bit/color RGBA, non-interlaced
2024-02-14 18:30	omask.png	14 kB	dffec00db49972c86a8b8a83c31a3414	PNG image data, 337 x 337, 8-bit/color RGBA, non-interlaced
2024-03-01 11:59	phpinfo.php	19 B	53628903e3c9cf1593d4ef97067fba40	PHP script, ASCII text
2024-02-28 18:42	index.html	5.3 kB	68fbea16e6061bf5baa6b4024ffbeb19	HTML document, ASCII text
2024-02-29 11:25	.htaccess	128 B	034407b5a4eef26527cc3e942b1037c3	ASCII text, with CRLF line terminators
2024-02-29 11:23	photorealv2 (Responsive fixed).zip	1.9 MB	a49e2bfa6430a628fe17455b1e050cc2	Zip archive data, at least v1.0 to extract, compression method=store
2023-05-07 10:59	package.json	598 B	c08888d6a85af0417182a131ee6c8c12	JSON text data
2023-05-07 10:59	DOCS.md	24 kB	d389659f84fd122d2bbb75a526718486	Unicode text, UTF-8 text, with very long lines (521)
2023-05-07 10:59	build.sh	249 B	b7dbe8c879d03c4a756abc460fac3d86	Bourne-Again shell script, ASCII text executable
2023-05-07 10:59	LICENSE	1.1 kB	ffaa7a95aa52516a17011f30d58093da	ASCII text
2023-05-07 10:59	README.md	1.4 kB	85990ba6cf44f56e1d0c80331b96f80b	Unicode text, UTF-8 text, with very long lines (375)
2023-05-07 10:59	webcam.swf	7.1 kB	097e2bdcd17447390bd1caed7fa2934f	Macromedia Flash data (compressed), version 27
2023-05-07 10:59	Webcam.fla	3.6 kB	609771db73e91a5f6e5f1f29b1f72fa1	Zip archive data, at least v2.0 to extract, compression method=store
2023-05-07 10:59	Base64Encoder.as	11 kB	96ae1f8c0b7b604b48f6ba7daaf19c3a	Java source, ASCII text
2023-05-07 10:59	README.txt	1.0 kB	5615dbc98d97d9bed16e5ec32d28154b	ASCII text, with very long lines (355)
2023-05-07 10:59	PNGEncoder.as	5.3 kB	4d93cbf138a56a51efc38eec11d49b20	ASCII text
2023-05-07 10:59	JPGEncoder.as	19 kB	36e27c1f7c20dd802f6201768f96d897	ASCII text
2023-05-07 10:59	BitString.as	1.9 kB	98dbfbe84e90a5c4f2682bd39732d8b4	ASCII text
2023-05-07 10:59	Webcam.as	6.3 kB	51ef7977bfe915d7c080779ebe91efa4	C source, Unicode text, UTF-8 (with BOM) text
2023-05-07 10:59	bower.json	458 B	340e9f28d141e52a5911e3e6cca4a389	JSON text data
2023-05-07 10:59	webcam.js	36 kB	efbfcc2a6ed04f70391e0c6d43ed52dd	JavaScript source, ASCII text, with very long lines (1099)
2023-05-07 10:59	webcam.min.js	18 kB	8c19ef8866fa8eebca66baa5401be65d	JavaScript source, ASCII text, with very long lines (18346)
2024-02-28 19:26	output.php	6.3 kB	ea812b0a4906dd5f6fc9e9d35a8fc6fb	HTML document, ASCII text, with very long lines (445), with CRLF line terminators
2024-02-23 00:26	tempsq.png	235 kB	34a1875305ac848f2ffda1498a35cd04	PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced
2024-02-23 00:26	temp.jpg	38 kB	a219b3dc039e8d7578f5a4074199b601	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 512x400, components 3
2024-02-23 00:26	mask.png	258 kB	d4069ef78f742c447e45a2d49e30d922	PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
2024-02-21 01:14	rb.png	5.5 kB	944b5f1f06e8e1fa17f0388a2e4ce04a	PNG image data, 708 x 550, 8-bit/color RGBA, non-interlaced
2024-02-21 01:52	rb2.png	5.8 kB	4fb7ef28a8211302e4d69975d15b2499	PNG image data, 512 x 397, 8-bit/color RGBA, non-interlaced
2024-02-23 07:02	upload.php	2.5 kB	4c54abebb332ed29c141dbd283bd7e59	PHP script, ASCII text, with CRLF line terminators
2024-03-01 00:39	.ftpquota	11 B	f54d9023fecb6bd174a606ead60fc356	ASCII text
2024-02-21 00:05	nodemailer.js	614 B	a34a9aa8d967449b61d915c565a752b5	JavaScript source, ASCII text, with CRLF line terminators
2024-02-28 19:31	home.php	6.4 kB	eb7cf6b180cbef31c640947f59f712df	HTML document, ASCII text, with CRLF line terminators

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	GET technoexponent.net/virtual_trion.zip	103.211.217.34	200 OK	3.8 MB
URL User Request GET technoexponent.net/virtual_trion.zip IP 103.211.217.34:443 ASN #394695 PUBLIC-DOMAIN-REGISTRY Certificate IssuerLet's Encrypt Subject.technoexponent.net Fingerprint8C:77:CE:43:EA:D5:EC:9E:20:EB:10:C8:B3:78:88:1C:74:A0:D9:BC ValiditySat, 03 May 2025 14:14:26 GMT - Fri, 01 Aug 2025 14:14:25 GMT File type Zip archive data, at least v1.0 to extract, compression method=store Size 3.8 MB (3813939 bytes) Hash 02598ab9acb2abeb1b308f76b5fddf15 df77b33b659e981ff3e42680b176e94fa66b4c88 155252ef04b54a0d7a932c107cb560b4110670eb9664de52b846947d4eb2bfd8 HTTP Headers `GET /virtual_trion.zip HTTP/1.1 Host: technoexponent.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 13 May 2025 22:17:25 GMT Server: Apache Last-Modified: Fri, 01 Mar 2024 06:41:19 GMT Accept-Ranges: bytes Content-Length: 3813939 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: application/zip`

GET technoexponent.net/virtual_trion.zip

103.211.217.34

200 OK

3.8 MB

URL User Request GET
technoexponent.net/virtual_trion.zip
IP
103.211.217.34:443
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

Certificate
IssuerLet's Encrypt
Subject*.technoexponent.net
Fingerprint8C:77:CE:43:EA:D5:EC:9E:20:EB:10:C8:B3:78:88:1C:74:A0:D9:BC
ValiditySat, 03 May 2025 14:14:26 GMT - Fri, 01 Aug 2025 14:14:25 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
3.8 MB (3813939 bytes)
Hash
02598ab9acb2abeb1b308f76b5fddf15
df77b33b659e981ff3e42680b176e94fa66b4c88
155252ef04b54a0d7a932c107cb560b4110670eb9664de52b846947d4eb2bfd8

HTTP Headers

GET /virtual_trion.zip HTTP/1.1
Host: technoexponent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 13 May 2025 22:17:25 GMT
Server: Apache
Last-Modified: Fri, 01 Mar 2024 06:41:19 GMT
Accept-Ranges: bytes
Content-Length: 3813939
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/zip

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (54)

JavaScript (0)

HTTP Transactions (1)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers