Report - member.ipmu.jp/yuji.tachikawa/spires/zips/spires

Report Overview

Submitted URL
member.ipmu.jp/yuji.tachikawa/spires/zips/spires_1.1.21.zip
IP
157.82.236.62
ASN
#2501 The University of Tokyo
Submitted
2024-04-18 11:40:01
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
member.ipmu.jp	731065	2007-11-04	2017-02-16	2023-05-20	513 B	880 kB	157.82.236.62

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
member.ipmu.jp/yuji.tachikawa/spires/zips/spires_1.1.21.zip
IP
157.82.236.62
ASN
#2501 The University of Tokyo

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
879 kB (879175 bytes)
Hash
8d7185e0d8763a4c0d8dac6d9b719558
96b280a740df77e192b82ca3e477e453691c6733
b6fd95fa68fc30e630bd2ea264061e4852df51f7ec23a680b144c997f8c81608

Archive (78)

Filename

Md5

File type

CodeResources

192a63a2c719d8d38b30d9971010ecc4

XML 1.0 document, ASCII text

CodeResources

d54d6c1efacbb45ac0ed1be4597e6bbd

ASCII text, with no line terminators

Headers

86c63de7bd8775780ac77380b5c049c4

ASCII text, with no line terminators

Resources

e58c4cf10cc7c8ef7d7167ccb641aeb4

ASCII text, with no line terminators

Sparkle

078cd5564ff6fd5418ddc4d9179fca8c

ASCII text, with no line terminators

Sparkle.strings

c8310a6a61c3da7348afe30fc822121b

Unicode text, UTF-16, big-endian text, with very long lines (368)

classes.nib

fb99a49b19c34f97f77a81e5eecbb184

XML 1.0 document, ASCII text

info.nib

95c17a87b57873d9888a97231d0c18e1

XML 1.0 document, ASCII text

keyedobjects.nib

ee303bb6f990b556dcd84060df93c07f

Apple binary property list

classes.nib

c137beae670f04fa9f87968d627d2a23

XML 1.0 document, ASCII text

info.nib

cd718d7588fcdb442eb2f25edb0ffe6c

XML 1.0 document, ASCII text

keyedobjects.nib

9ec4d1f38e1016863838664f8a537cd6

Apple binary property list

classes.nib

b9c3d0c2670efd8f5e1fba7c969ab20f

XML 1.0 document, ASCII text

info.nib

c43fc1c5b5710ba09288aba30cc91e6f

XML 1.0 document, ASCII text

keyedobjects.nib

f68ea826bf866a9be1f213c4b6e2b520

Apple binary property list

Info.plist

13ffb6413a0fbc36342ccb6b6f1bfa40

XML 1.0 document, ASCII text

License.txt

29284fe742e0698808c766d3384bf6c1

ASCII text, with very long lines (460)

relaunch

a667fe69ff3182b7ecead62789869256

SUModelTranslation.plist

f1ea04fe15a18d331dd1cde62aee3953

XML 1.0 document, ASCII text

classes.nib

f549ec7c9d48cf0940b33c63feb55429

XML 1.0 document, ASCII text

info.nib

e36a13c27ce71939ad81e1e0a162618c

XML 1.0 document, ASCII text

keyedobjects.nib

6ceb5d9320a931354362b208b5240536

Apple binary property list

Sparkle

ee0fe60e7d3aa52c7dab1cfa79f81116

Current

7fc56270e7a70fa81a5935b72eacbe29

very short file (no magic)

Info.plist

5eee470af6d5b77ef2c949509d49c37b

XML 1.0 document, ASCII text

spires

54df8c75d0b94caf0001ce6deb9d0cc6

Mach-O universal binary with 2 architectures: [i386: - Mach-O i386 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL>] [ - ppc_7400: - Mach-O ppc_7400 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL>]

PkgInfo

23b7d7d024abb0f558420e098800bf27

ASCII text, with no line terminators

Acknowledgments.html

994bd5cebb1a5a127fc4620398219813

HTML document, ASCII text

ActivityMonitor.nib

ecd71d602bf89aa425cded59b1430aee

Apple binary property list

arxiv.ico

03dce4ffbabe609996a8c2920b614b2e

MS Windows icon resource - 2 icons, 16x16, 32x32

ArxivNewCreateSheet.nib

a0b0db914205dcd2c6a1f783de643335

Apple binary property list

ButtonBarPullDownArrow.pdf

a3e21e098edbc5fba4bd2bf689f8192b

PDF document, version 1.7, 1 pages

BWToolKit-License.rtf

44197b5ccdd06a75ee9bd364e3d989d7

Rich Text Format data, version 1, ANSI, code page 1252

canned-search.png

8697f1b1e03650a9b77b375dc4e5602f

PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced

ClientDescription.plist

5646efbc545f7b5f6995efe309643fe3

XML 1.0 document, ASCII text

defaults.plist

7587efb84b360919fc7d785c44459510

XML 1.0 document, Unicode text, UTF-8 text

dsa_pub.pem

c491fa208a0ff99498dedfd2592a55fa

ASCII text

InfoPlist.strings

e508b3b04a5d0d120c41c81ef9a58499

Unicode text, UTF-16, big-endian text

MainMenu.nib

f6b8688de578317846a7452c8a3460bf

Apple binary property list

flagged.png

5325ddf732780e2dd3eefbb0e9318160

PNG image data, 85 x 85, 8-bit/color RGBA, non-interlaced

GradientSplitViewDimpleBitmap.tif

ab76acc7c9633cf706382dfdca536066

TIFF image data, big-endian, direntries=20, height=4, bps=0, compression=LZW, PhotometricInterpretation=RGB, orientation=upper-left, width=4

GradientSplitViewDimpleVector.pdf

0bc17a6206cddb722a34437b3c0f334f

PDF document, version 1.7, 1 pages

hasPDF.png

835db1891a523476374e2f8a8a5635b2

PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced

Importer.nib

628f8fdbe98bb25f210a26fe260e82a7

Apple binary property list

Localizable.strings

cdab52e6b93717c38b1f9f52f34d075a

Unicode text, UTF-16, big-endian text

magicRegExps.perl

e11f9965544274a414e6f1b215c957c2

Perl script text executable

MessageViewer.nib

273624f232d85b38ad1a5efe97cef21e

Apple binary property list

parseTeXandEmitPlist.perl

5ae34ab8022034950935117b06498410

Perl script text executable

pdfScanHelper

0aec7a14448fbbafcbb56f1321af8546

Mach-O universal binary with 2 architectures: [i386: - Mach-O i386 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL>] [ - ppc_7400: - Mach-O ppc_7400 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL>]

PrefPane.nib

90d0d457aec5f7b63d1f6237db6d974f

Apple binary property list

Release Notes.html

2541ad7b252cd181d2d72b6d6296ac62

HTML document, ASCII text

Requests.html

23cd8515b623151e0edabbe0c4e6a6a5

HTML document, Unicode text, UTF-8 text

SnowLeopardAlert.rtf

cfc7caac40d1529cfaa07b4d3b0e0451

Rich Text Format data, version 1, ANSI, code page 932

spires-blue.ico

2418eb44b81c7395bb58be936bfc306a

MS Windows icon resource - 1 icon, 16x16

spires-red.ico

cc79ffd440ed370b29ca24903801988d

MS Windows icon resource - 1 icon, 16x16

spires.icns

499cdb8df675b16b7cc88ffba45a755d

Mac OS X icon, 90832 bytes, "is32" type

spires.sdef

2f11eac3255608d2f4766635f03fdd51

XML 1.0 document, ASCII text

Info.plist

41268b5505606cb72492ad73a3bb3c94

XML 1.0 document, ASCII text

Schema.strings

4e6d7f4f0fb81fe06d9633f64a7f173b

Unicode text, UTF-16, little-endian text

Schema.plist

90b3ce031fac2b694b8422be0c637d9b

XML 1.0 document, ASCII text

spires.icns

499cdb8df675b16b7cc88ffba45a755d

Mac OS X icon, 90832 bytes, "is32" type

spires_DataModel 2.mom

d004b6e0a8c64f942f68dab9d020e5fe

Apple binary property list

spires_DataModel 3.mom

ceca720b09116956ba2409b2909e693e

Apple binary property list

spires_DataModel 4.mom

0b97feff8a8a3092092928d7d30551cf

Apple binary property list

spires_DataModel.mom

6ca68e88a3206f201459a4961bfff63d

Apple binary property list

VersionInfo.plist

eeeb315d70451c657d4a47dd96cea180

XML 1.0 document, ASCII text

spiresHook.pkg

74313c79dcd3e2ec796d42654e2ce6c6

xar archive compressed TOC: 815, SHA-1 checksum, contains zlib compressed data

Info.plist

2c75b4f7801c7f8b259975004742770d

XML 1.0 document, ASCII text

SpiresQuickLookHelper

44f40c60ed558d1655fed9915b8b7382

Mach-O universal binary with 2 architectures: [i386: - Mach-O i386 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL>] [ - ppc_7400: - Mach-O ppc_7400 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL>]

PkgInfo

23b7d7d024abb0f558420e098800bf27

ASCII text, with no line terminators

MainMenu.nib

2c60a9538c07095b6bac1b55094aef0f

Apple binary property list

template.html

262aa15ba870a6e51fceb733edac6f9b

HTML document, ASCII text

TeXWatcher.nib

f1e49831f8b516fb6a86fbd0257d119a

Apple binary property list

unread.png

130ce0a88eb58d2bde54f74577d7df9b

PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced

v1-v2.cdm

bdfb8fb1230363dc9e32c4b2e7b5509c

Apple binary property list

v2-v3.cdm

058284676732f3a5ad846e74a86cbd4b

Apple binary property list

v3-v4.cdm

d970f494f686e01539d85c98f0d0aaec

Apple binary property list

wwwrefsbibtex2xmlpublic.perl

1bc09e8f36a647ede480aa0d9979dcff

Perl script text executable

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Size
	member.ipmu.jp/yuji.tachikawa/spires/zips/spires_1.1.21.zip	157.82.236.62	879 kB
URL member.ipmu.jp/yuji.tachikawa/spires/zips/spires_1.1.21.zip IP 157.82.236.62:0 ASN #2501 The University of Tokyo File type Zip archive data, at least v1.0 to extract, compression method=store Size 879 kB (879175 bytes) Hash 8d7185e0d8763a4c0d8dac6d9b719558 96b280a740df77e192b82ca3e477e453691c6733 b6fd95fa68fc30e630bd2ea264061e4852df51f7ec23a680b144c997f8c81608 HTTP Headers `GET /yuji.tachikawa/spires/zips/spires_1.1.21.zip HTTP/1.1 Host: member.ipmu.jp User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Thu, 18 Apr 2024 11:39:35 GMT Server: Apache Strict-Transport-Security: max-age=63072000 Last-Modified: Fri, 10 Feb 2017 14:23:00 GMT ETag: "d6a47-5482dd5b9b900" Accept-Ranges: bytes Content-Length: 879175 X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: application/zip`

member.ipmu.jp/yuji.tachikawa/spires/zips/spires_1.1.21.zip

157.82.236.62

879 kB

URL
member.ipmu.jp/yuji.tachikawa/spires/zips/spires_1.1.21.zip
IP
157.82.236.62:0
ASN
#2501 The University of Tokyo

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
879 kB (879175 bytes)
Hash
8d7185e0d8763a4c0d8dac6d9b719558
96b280a740df77e192b82ca3e477e453691c6733
b6fd95fa68fc30e630bd2ea264061e4852df51f7ec23a680b144c997f8c81608

HTTP Headers

GET /yuji.tachikawa/spires/zips/spires_1.1.21.zip HTTP/1.1
Host: member.ipmu.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 11:39:35 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000
Last-Modified: Fri, 10 Feb 2017 14:23:00 GMT
ETag: "d6a47-5482dd5b9b900"
Accept-Ranges: bytes
Content-Length: 879175
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/zip

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (78)

Detections

JavaScript (0)

HTTP Transactions (1)

URL

IP

ASN

File type

Size

Hash

HTTP Headers