Report - www.cadsofttools.com/download/cadview.zip

Report Overview

Submitted URL
www.cadsofttools.com/download/cadview.zip
IP
94.130.203.161
ASN
#24940 Hetzner Online GmbH
Submitted
2024-04-26 00:06:51
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.cadsofttools.com	unknown	2003-02-26	2012-05-26	2024-04-17	495 B	413 B	94.130.203.161
cadsofttools.com	76106	2003-02-26	2012-05-26	2024-04-18	505 B	2.7 MB	94.130.203.161

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
cadsofttools.com/download/cadview.zip
IP
94.130.203.161
ASN
#24940 Hetzner Online GmbH

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
2.7 MB (2740447 bytes)
Hash
0dd58ddb7a85ea1f9ae788710ff6ef46
0588e5f1e333c3a271a723efd06815100d78d450
dffa9928c61c1ba9621ceb5b9e55eb75b1ec5bfa2cf19d392d7bec8c0bab61b3

Archive (37)

Filename

Md5

File type

pluginst.inf

da5729f2576d9ffddbc7306665332c7f

ISO-8859 text, with CRLF line terminators

Changes.txt

170969816dd49718be917c80af679b30

Non-ISO extended-ASCII text, with CRLF line terminators

Languages.txt

c86d3e4884b2ec4dcd982d5eafef9718

Unicode text, UTF-16, little-endian text, with CRLF line terminators

license.txt

bd374767a3e55a4ee55c162834d04314

Non-ISO extended-ASCII text, with very long lines (436), with CRLF line terminators

readme.txt

b7c2afb29980895545fdceb4afc854b8

Non-ISO extended-ASCII text, with CRLF line terminators

CADView.wlx

351af307c744de100bf82419e4494a35

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 9 sections

bigfont.xml

17ff52564f588b2b880cde9e3d801c3d

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Arabic.lng

dbb960c2235d4f0979934f2da878e689

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Belarussian.lng

ed0031633978bff299fdb3744ae81b62

Unicode text, UTF-8 (with BOM) text, with very long lines (330), with CRLF line terminators

Brazilian Portuguese.lng

5c999c391380d3e09c15e6898cd5bf5a

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Bulgarian.lng

c7043e468d183e12ad9fb6275e19e8c3

Unicode text, UTF-8 (with BOM) text, with very long lines (315), with CRLF line terminators

Chinese.lng

7dc425a471aa9f6a8ec1fae91ca497bc

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Czech.lng

6dbd24dcf5e8a3487736bb84ecec4da0

Unicode text, UTF-8 (with BOM) text, with very long lines (316), with CRLF line terminators

Dansk.lng

f0ea026b85707140865cfdaeb4e2e822

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Deutsch.lng

694b8c342d2773c29cf9c712d8387005

Unicode text, UTF-8 (with BOM) text, with very long lines (369), with CRLF line terminators

English.lng

cfccc1a2a21beecbd67b35f3929d9c12

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Finnish.lng

5ab3559f1b8fe2485ae35e0c9d443004

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

French.lng

36907af55e4715e1b7cc086ec8b88af7

Unicode text, UTF-8 (with BOM) text, with very long lines (303), with CRLF line terminators

Greek.lng

b731f49dfb99ed8e2271732d33791cd2

Unicode text, UTF-8 (with BOM) text, with very long lines (362), with CRLF line terminators

Hebrew.lng

aca296d899325ba6df427e99ad01cd93

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Hrvatski.lng

4d1768da02339ba11034830e674a316a

Unicode text, UTF-8 (with BOM) text, with very long lines (307), with CRLF line terminators

Hungarian.lng

0143cf11e47b005381cc8b3795dfc040

Unicode text, UTF-8 (with BOM) text, with very long lines (378), with CRLF line terminators

Italiano.lng

ee98c5910c891c42631b7a4297e491ae

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Korean.lng

ef6ca8b12dbfd445f7da3529fff16180

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Norsk.lng

6291aa076aca524405d842891162fb5c

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Polski.lng

6a37a67ecd114a6f3d6593964072a4ff

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Portuguese (Portugal).lng

b34fb844363327eca307466defdce315

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Romanian.lng

7e7643c5d9615d66d09b3eba46373fb2

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Russian.lng

1acf7ebfa2929a64fd906a983b0a8c93

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Serbian.lng

d2bfc0bc139bc2a305debd0b3f2c05e5

Unicode text, UTF-8 (with BOM) text, with very long lines (327), with CRLF line terminators

Slovak.lng

2f30f3f90c775c43326b568d17d1cf95

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Slovenian.lng

3795070ca0d908bcebaf3b163f93f24f

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Spanish.lng

d6807483c949ff2648d510d0845a76eb

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Svenska.lng

5464ee19cd96fc8cde0b6c75594eb172

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Taiwanese.lng

26d537bb29915c7c9722768722024165

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Turkish.lng

1c93217e170a4037dc7bbb7d292d4695

Unicode text, UTF-8 (with BOM) text, with very long lines (302), with CRLF line terminators

Ukrainian.lng

7661991661fbd366423a08081b7754e9

Unicode text, UTF-8 (with BOM) text, with very long lines (324), with CRLF line terminators

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size
	www.cadsofttools.com/download/cadview.zip	94.130.203.161	301 Moved Permanently	162 B
URL User Request GET HTTP/2 www.cadsofttools.com/download/cadview.zip IP 94.130.203.161:443 ASN #24940 Hetzner Online GmbH Certificate IssuerLet's Encrypt Subjectcadsofttools.com Fingerprint7F:BF:7A:58:FF:E7:F2:2A:4B:29:24:66:7A:2D:3E:B9:A4:AF:20:B2 ValidityMon, 22 Apr 2024 02:51:55 GMT - Sun, 21 Jul 2024 02:51:54 GMT File type HTML document, ASCII text, with CRLF line terminators Size 162 B (162 bytes) Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a HTTP Headers `GET /download/cadview.zip HTTP/1.1 Host: www.cadsofttools.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 301 Moved Permanently server: nginx date: Fri, 26 Apr 2024 00:06:24 GMT content-type: text/html content-length: 162 location: https://cadsofttools.com/download/cadview.zip x-pass: /download/cadview.zip 0 91.90.42.154 X-Firefox-Spdy: h2`

	cadsofttools.com/download/cadview.zip	94.130.203.161	200 OK	2.7 MB
URL User Request GET HTTP/2 cadsofttools.com/download/cadview.zip IP 94.130.203.161:443 ASN #24940 Hetzner Online GmbH Certificate IssuerLet's Encrypt Subjectcadsofttools.com Fingerprint7F:BF:7A:58:FF:E7:F2:2A:4B:29:24:66:7A:2D:3E:B9:A4:AF:20:B2 ValidityMon, 22 Apr 2024 02:51:55 GMT - Sun, 21 Jul 2024 02:51:54 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 2.7 MB (2740447 bytes) Hash 0dd58ddb7a85ea1f9ae788710ff6ef46 0588e5f1e333c3a271a723efd06815100d78d450 dffa9928c61c1ba9621ceb5b9e55eb75b1ec5bfa2cf19d392d7bec8c0bab61b3 HTTP Headers `GET /download/cadview.zip HTTP/1.1 Host: cadsofttools.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 26 Apr 2024 00:06:24 GMT content-type: application/zip content-length: 2740447 last-modified: Fri, 03 Feb 2023 06:49:55 GMT etag: "63dcae93-29d0df" x-pass: /download/cadview.zip 0 91.90.42.154 accept-ranges: bytes X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (37)

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers