Report - 176.57.181.245:8080/mods/FS22_Feed_mixing_plants

Report Overview

Submitted URL
176.57.181.245:8080/mods/FS22_Feed_mixing_plants_XXL.zip
IP
176.57.181.245
ASN
#56876 Ociris GmbH
Submitted
2024-04-25 09:08:42
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
176.57.181.245:8080	unknown	unknown	No data	No data	426 B	5.2 MB	176.57.181.245

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	176.57.181.245	Sinkholed

ThreatFox

No alerts detected

Files detected

URL
176.57.181.245:8080/mods/FS22_Feed_mixing_plants_XXL.zip
IP
176.57.181.245
ASN
#56876 Ociris GmbH

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
5.2 MB (5170924 bytes)
Hash
134756197da41b2762c90e5506c5d619
7e4eabbac7ffc07de27557f1ba0f7fe6dff6759e
5ab0b7b015a9be5a8c5c33bb5f76dfc0a505bcb5e5ce618399d41a69f2b6fee3

Archive (11)

Modified	Filename	Size	Md5	File type
2023-08-08 13:06	Pig_FoodXXL_DS.i3d	42 kB	d2b23cf2e793914994a634888dddd4c8	XML 1.0 document, ASCII text, with very long lines (318)
2023-08-08 13:06	Pig_FoodXXL_DS.i3d.shapes	2.5 MB	f57da0d3480c75a761a7459de722f3cb	data
2023-08-08 13:08	TMR_FeedXXL_DS.i3d	42 kB	0fb44a8688c78b6ba357abefb2701a6c	XML 1.0 document, ASCII text, with very long lines (318)
2023-08-08 13:08	TMR_FeedXXL_DS.i3d.shapes	2.5 MB	73d3c96d76204c72a62ade6d946d295a	data
2023-08-08 14:29	icon_TMR_FeedXXL_DS.dds	33 kB	9a2c495b19607681f8cdc0d991624a76	Microsoft DirectDraw Surface (DDS): 256 x 256, compressed using DX10
2023-08-08 13:27	modDesc.xml	1.2 kB	b9e65f516ab35e1f73c12964670210f6	XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
2023-08-08 14:30	store_Pig_FoodXXL_DS.dds	262 kB	4ac12236d709aef475879af490e306ae	Microsoft DirectDraw Surface (DDS): 512 x 512, DXGI format: BC7_UNORM
2023-08-08 14:30	store_TMR_Feed_XXL_DS.dds	262 kB	d07ace0a7e63bacba6d1bd2cfc4ca161	Microsoft DirectDraw Surface (DDS): 512 x 512, DXGI format: BC7_UNORM
2023-07-17 20:01	PowerDecal_diffuse.dds	350 kB	60858aa856f2bd976cc80a7c7b6c3a43	Microsoft DirectDraw Surface (DDS): 1024 x 256, compressed using DX10
2023-08-18 11:22	Pig_FoodXXL_DS.xml	10 kB	86bf2a5f38477e79e853088728797261	XML 1.0 document, ASCII text, with CRLF line terminators
2023-08-18 11:22	TMR_FeedXXL_DS.xml	10 kB	c7b5d7a2b64585563d2f544e2efe0b9c	XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

176.57.181.245:8080/mods/FS22_Feed_mixing_plants_XXL.zip

176.57.181.245

200 OK

5.2 MB

URL User Request GET HTTP/1.1
176.57.181.245:8080/mods/FS22_Feed_mixing_plants_XXL.zip
IP
176.57.181.245:8080
ASN
#56876 Ociris GmbH

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
5.2 MB (5170924 bytes)
Hash
134756197da41b2762c90e5506c5d619
7e4eabbac7ffc07de27557f1ba0f7fe6dff6759e
5ab0b7b015a9be5a8c5c33bb5f76dfc0a505bcb5e5ce618399d41a69f2b6fee3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mods/FS22_Feed_mixing_plants_XXL.zip HTTP/1.1
Host: 176.57.181.245:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-control: must-revalidate, post-check=0, pre-check=0
Content-description: File Transfer
Content-disposition: attachment; filename="FS22_Feed_mixing_plants_XXL.zip"
Content-transfer-encoding: binary
Content-type: application/zip
Date: Thu, 25 Apr 2024 11:08:16 GMT
Expires: 0
Last-modified: Thu, 25 Apr 2024 11:08:16 GMT
Pragma: public
Server: GIANTS Dedicated Server GIANTS Dedicated Server/9.2.0.0
Set-Cookie: SessionID=220141713935639; path=/
Content-Length: 5170924

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (11)

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers