Report - www.uwe-sieber.de/files/DeviceCleanupCmd.zip

Report Overview

Submitted URL
www.uwe-sieber.de/files/DeviceCleanupCmd.zip
IP
217.160.0.237
ASN
#8560 IONOS SE
Submitted
2024-03-28 13:46:31
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-03-27	511 B	1.2 kB	35.244.181.201
www.uwe-sieber.de	unknown	unknown	2017-02-03	2024-03-25	498 B	47 kB	217.160.0.237

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.uwe-sieber.de/files/DeviceCleanupCmd.zip
IP
217.160.0.237
ASN
#8560 IONOS SE

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
47 kB (46683 bytes)
Hash
be17614abb537a4d2dcebce296272b4a
b63872b06db6def6b5b24d459871e14f5e568d0c
d0c40fdbd2bb4af0d9a8d110138d9967720c8f7c327c6e0027833843048ca628

Archive (3)

Filename

Md5

File type

DeviceCleanupCmd.txt

2c25022daa2444b6c5896877689464bc

ASCII text, with CRLF line terminators

DeviceCleanupCmd.exe

01001559251b18ecb33e2d02213eb0bb

PE32 executable (console) Intel 80386, for MS Windows, 5 sections

DeviceCleanupCmd.exe

8eae1aec5f34e4a8e04a60075bcfb0f8

PE32+ executable (console) x86-64, for MS Windows, 6 sections

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size
	www.uwe-sieber.de/files/DeviceCleanupCmd.zip	217.160.0.237	200 OK	47 kB
URL User Request GET HTTP/2 www.uwe-sieber.de/files/DeviceCleanupCmd.zip IP 217.160.0.237:443 ASN #8560 IONOS SE Certificate IssuerDigiCert Inc Subject.uwe-sieber.de FingerprintA3:57:20:B2:01:AA:D1:85:6F:B1:72:F1:C2:7D:16:68:67:AA:F8:55 ValidityThu, 07 Mar 2024 00:00:00 GMT - Sat, 22 Mar 2025 23:59:59 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 47 kB (46683 bytes) Hash be17614abb537a4d2dcebce296272b4a b63872b06db6def6b5b24d459871e14f5e568d0c d0c40fdbd2bb4af0d9a8d110138d9967720c8f7c327c6e0027833843048ca628 HTTP Headers `GET /files/DeviceCleanupCmd.zip HTTP/1.1 Host: www.uwe-sieber.de User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: application/zip content-length: 46683 date: Thu, 28 Mar 2024 13:46:06 GMT server: Apache last-modified: Tue, 28 Dec 2021 09:59:36 GMT etag: "b65b-5d431e0f21200" accept-ranges: bytes X-Firefox-Spdy: h2`

	aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-97-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml	35.244.181.201		444 B
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-97-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP 35.244.181.201:0 ASN #396982 GOOGLE-CLOUD-PLATFORM File type XML 1.0 document, ASCII text, with very long lines (332) Size 444 B (444 bytes) Hash 3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463 HTTP Headers `GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-97-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1 Host: aus5.mozilla.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Cache-Control: no-cache Pragma: no-cache Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: nginx rule-id: unknown rule-data-version: unknown content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-04-29-22-13-57.chain; p384ecdsa=P_QZ375Y2z4gFERfBFnu57sIQbXCfWjfAVNRyFcUCvlO-n8qn-PgqU7k9KLEXxJdKXRM90V1Wr-QjgSE-4Q9sZ584haFi06Yblbg3UTzOhAqEBttePog1MHapZFZ-ZuR strict-transport-security: max-age=31536000; x-content-type-options: nosniff content-security-policy: default-src 'none'; frame-ancestors 'none' x-proxy-cache-status: MISS content-encoding: gzip via: 1.1 google date: Thu, 28 Mar 2024 13:45:15 GMT content-type: text/xml; charset=utf-8 vary: Accept-Encoding content-length: 444 age: 70 cache-control: public,max-age=90 alt-svc: clear X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (3)

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers