Report - 176.57.181.245:8080/mods/FS22_mediumMetalMachineHall01.zip

Report Overview

Submitted URL
176.57.181.245:8080/mods/FS22_mediumMetalMachineHall01.zip
IP
176.57.181.245
ASN
#56876 Ociris GmbH
Submitted
2024-04-25 09:08:46
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
176.57.181.245:8080	unknown	unknown	No data	No data	428 B	9.7 MB	176.57.181.245

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	176.57.181.245	Sinkholed

ThreatFox

No alerts detected

Files detected

URL
176.57.181.245:8080/mods/FS22_mediumMetalMachineHall01.zip
IP
176.57.181.245
ASN
#56876 Ociris GmbH

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
9.7 MB (9694183 bytes)
Hash
b64be22f890f2bbe4c078e714c047b44
3d99ac0a5e0cd2b61c319507b35a0821a59f0358
df03467b5eae75e708eccf6d01b5e4cee8bc08c6f199fd1b17230235561286aa

Archive (11)

Modified	Filename	Size	Md5	File type
2023-02-02 07:02	icon_mediumMetalMachineHall01.dds	33 kB	ff8035394e71f56a905e8ccc0f31de37	Microsoft DirectDraw Surface (DDS): 256 x 256, compressed using DX10
2023-02-02 07:03	mediumMetalMachineHall01.i3d	23 kB	5a6ba3ff27c1cc7ae8232d86f1332257	XML 1.0 document, ASCII text
2023-02-02 07:01	mediumMetalMachineHall01.i3d.shapes	1.6 MB	e83cfde558718f448dd0d30388d2f2ff	data
2023-02-02 07:02	mediumMetalMachineHall01.xml	36 kB	0e71693480bcb68f7006f963222d8d8c	XML 1.0 document, ASCII text, with CRLF line terminators
2023-02-02 07:01	modDesc.xml	1.3 kB	cd24f82a05d7a2077ee8d685f7b1d8ca	XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
2023-02-02 07:02	store_mediumMetalMachineHall01.dds	262 kB	bebf95634204c0a384c36baac9fd61f8	Microsoft DirectDraw Surface (DDS): 512 x 512, DXGI format: BC7_UNORM
2023-02-02 07:01	mashineryHall_diffuse.dds	11 MB	ff689a9016d52d1746f53105a1202471	Microsoft DirectDraw Surface (DDS): 2048 x 8192, compressed using DX10
2023-02-02 07:01	mashineryHall_height.dds	2.8 MB	49c3394148240bfd369840846da2e768	Microsoft DirectDraw Surface (DDS): 1024 x 4096, compressed using DX10
2023-02-02 07:01	mashineryHall_mask.dds	2.8 MB	8c5cd5d5197cd267c4013f051bd41d5f	Microsoft DirectDraw Surface (DDS): 2048 x 2048, compressed using DX10
2023-02-02 07:01	mashineryHall_normal.dds	11 MB	5e49aafaf32112993df0238dad3d0248	Microsoft DirectDraw Surface (DDS): 2048 x 8192, compressed using DX10
2023-02-02 07:01	mashineryHall_specular.dds	11 MB	69e2de973be549a2cf56c3d2d040ec17	Microsoft DirectDraw Surface (DDS): 2048 x 8192, compressed using DX10

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

176.57.181.245:8080/mods/FS22_mediumMetalMachineHall01.zip

176.57.181.245

200 OK

9.7 MB

URL User Request GET HTTP/1.1
176.57.181.245:8080/mods/FS22_mediumMetalMachineHall01.zip
IP
176.57.181.245:8080
ASN
#56876 Ociris GmbH

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
9.7 MB (9694183 bytes)
Hash
b64be22f890f2bbe4c078e714c047b44
3d99ac0a5e0cd2b61c319507b35a0821a59f0358
df03467b5eae75e708eccf6d01b5e4cee8bc08c6f199fd1b17230235561286aa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mods/FS22_mediumMetalMachineHall01.zip HTTP/1.1
Host: 176.57.181.245:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-control: must-revalidate, post-check=0, pre-check=0
Content-description: File Transfer
Content-disposition: attachment; filename="FS22_mediumMetalMachineHall01.zip"
Content-transfer-encoding: binary
Content-type: application/zip
Date: Thu, 25 Apr 2024 11:08:18 GMT
Expires: 0
Last-modified: Thu, 25 Apr 2024 11:08:18 GMT
Pragma: public
Server: GIANTS Dedicated Server GIANTS Dedicated Server/9.2.0.0
Set-Cookie: SessionID=220201713935642; path=/
Content-Length: 9694183

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (11)

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers