Report - allgaeustrom.zip

Report Overview

Visited public
2025-04-14 15:25:00
Tags
URL
allgaeustrom.zip
Finishing URL
allgaeustrom.zip/
IP / ASN
213.182.0.82
#12931 IDKOM Networks GmbH
Title
allgaeustrom.zip - SpeedParking (internetted by ID.KOM)

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
gfxsrc.idkom.de	unknown	unknown	2024-12-31	2025-04-13	2.3 kB	10 kB	213.182.13.62
allgaeustrom.zip	unknown	2023-06-13	2024-12-31	2025-03-02	1.6 kB	9.5 kB	213.182.0.82

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-04-14 15:24:39	low	Client IP	213.182.0.82	ET INFO HTTP Request to a *.zip Domain
2025-04-14 15:24:40	low	Client IP	213.182.0.82	ET INFO HTTP Request to a *.zip Domain
2025-04-14 15:24:40	low	Client IP	213.182.0.82	ET INFO HTTP Request to a *.zip Domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (9)

URL IP Response Size

gfxsrc.idkom.de/misc/speedparking/parking_img.jpg

213.182.13.62

200 OK

4.5 kB

URL GET
gfxsrc.idkom.de/misc/speedparking/parking_img.jpg
IP
213.182.13.62:443
ASN
#12931 IDKOM Networks GmbH

Requested by
http://allgaeustrom.zip/
Certificate
IssuerSectigo Limited
Subject*.idkom.de
Fingerprint6C:06:95:81:08:BA:1F:38:BB:7F:A9:9D:57:FB:BC:A5:47:C8:20:50
ValidityTue, 07 Jan 2025 00:00:00 GMT - Fri, 06 Feb 2026 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 323x129, components 3
Size
4.5 kB (4462 bytes)
Hash
a4565229ef738903aa329e38d9188822
7a73c3e055636101aa6b5124f11fb2d911eebf93
1bbb908cb95b4df0a917f9a7883a60ff5a82123dd90e698a0bcbe26e92673708

HTTP Headers

GET /misc/speedparking/parking_img.jpg HTTP/1.1
Host: gfxsrc.idkom.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://allgaeustrom.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 14 Apr 2025 15:24:40 GMT
server: Apache
last-modified: Mon, 13 Aug 2001 10:26:26 GMT
etag: "116e-38b66c1e3f880"
accept-ranges: bytes
content-length: 4462
content-type: image/jpeg
X-Firefox-Spdy: h2

allgaeustrom.zip/favicon.ico

213.182.0.82

302 Found

3.0 kB

URL GET
allgaeustrom.zip/favicon.ico
IP
213.182.0.82:80
ASN
#12931 IDKOM Networks GmbH

Requested by
http://allgaeustrom.zip/

File type

Size
3.0 kB (2970 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	low	ET INFO HTTP Request to a *.zip Domain

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: allgaeustrom.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://allgaeustrom.zip/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Mon, 14 Apr 2025 15:24:40 GMT
Server: Apache
Location: http://allgaeustrom.zip/
Content-Length: 208
Keep-Alive: timeout=4, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

allgaeustrom.zip/

213.182.0.82

200 OK

3.0 kB

URL GET
allgaeustrom.zip/
IP
213.182.0.82:80
ASN
#12931 IDKOM Networks GmbH

Requested by
http://allgaeustrom.zip/

File type
HTML document, ASCII text, with very long lines (306)
Size
3.0 kB (2970 bytes)
Hash
2ba35bea15bdcad2cee7243c2114a1d0
14739e92751f3966a06bddc4c92c493142e13f56
3b99928c7a64b7c44bc76e952a66be06a7a5f59b212a28b251a58925721fe41a

Detections

NIDS	Severity	Alert
suricata	low	ET INFO HTTP Request to a *.zip Domain
suricata	low	ET INFO HTTP Request to a *.zip Domain

HTTP Headers

GET / HTTP/1.1
Host: allgaeustrom.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://allgaeustrom.zip/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 14 Apr 2025 15:24:40 GMT
Server: Apache
Keep-Alive: timeout=4, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-1

gfxsrc.idkom.de/misc/speedparking/mailico_off.gif

213.182.13.62

200 OK

86 B

URL GET
gfxsrc.idkom.de/misc/speedparking/mailico_off.gif
IP
213.182.13.62:443
ASN
#12931 IDKOM Networks GmbH

Requested by
http://allgaeustrom.zip/
Certificate
IssuerSectigo Limited
Subject*.idkom.de
Fingerprint6C:06:95:81:08:BA:1F:38:BB:7F:A9:9D:57:FB:BC:A5:47:C8:20:50
ValidityTue, 07 Jan 2025 00:00:00 GMT - Fri, 06 Feb 2026 23:59:59 GMT

File type
GIF image data, version 89a, 14 x 11
Size
86 B (86 bytes)
Hash
5961e99716c972493870392f15a39410
defacb756b65a1631b1c10adb216785083a449b4
433c4dc0b78447fc27ff33368e89c4187beb51833d732e0ccc82c7df80e6c63b

HTTP Headers

GET /misc/speedparking/mailico_off.gif HTTP/1.1
Host: gfxsrc.idkom.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://allgaeustrom.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 14 Apr 2025 15:24:40 GMT
server: Apache
last-modified: Mon, 13 Aug 2001 10:26:26 GMT
etag: "56-38b66c1e3f880"
accept-ranges: bytes
content-length: 86
content-type: image/gif
X-Firefox-Spdy: h2

gfxsrc.idkom.de/misc/speedparking/b.gif

213.182.13.62

200 OK

43 B

URL GET
gfxsrc.idkom.de/misc/speedparking/b.gif
IP
213.182.13.62:443
ASN
#12931 IDKOM Networks GmbH

Requested by
http://allgaeustrom.zip/
Certificate
IssuerSectigo Limited
Subject*.idkom.de
Fingerprint6C:06:95:81:08:BA:1F:38:BB:7F:A9:9D:57:FB:BC:A5:47:C8:20:50
ValidityTue, 07 Jan 2025 00:00:00 GMT - Fri, 06 Feb 2026 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /misc/speedparking/b.gif HTTP/1.1
Host: gfxsrc.idkom.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://allgaeustrom.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 14 Apr 2025 15:24:40 GMT
server: Apache
last-modified: Mon, 13 Aug 2001 10:26:26 GMT
etag: "2b-38b66c1e3f880"
accept-ranges: bytes
content-length: 43
content-type: image/gif
X-Firefox-Spdy: h2

gfxsrc.idkom.de/misc/speedparking/spkparking.gif

213.182.13.62

200 OK

2.9 kB

URL GET
gfxsrc.idkom.de/misc/speedparking/spkparking.gif
IP
213.182.13.62:443
ASN
#12931 IDKOM Networks GmbH

Requested by
http://allgaeustrom.zip/
Certificate
IssuerSectigo Limited
Subject*.idkom.de
Fingerprint6C:06:95:81:08:BA:1F:38:BB:7F:A9:9D:57:FB:BC:A5:47:C8:20:50
ValidityTue, 07 Jan 2025 00:00:00 GMT - Fri, 06 Feb 2026 23:59:59 GMT

File type
GIF image data, version 89a, 362 x 39
Size
2.9 kB (2902 bytes)
Hash
8084d9fde63e1ecac8ac749718159c3a
45452c704ce0960efb73344af9d757bcc45217dc
d7c8d4621219e2d3287f493e864eac432c6aae32b4d08ff7c2af8c8706a649ff

HTTP Headers

GET /misc/speedparking/spkparking.gif HTTP/1.1
Host: gfxsrc.idkom.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://allgaeustrom.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 14 Apr 2025 15:24:40 GMT
server: Apache
last-modified: Mon, 13 Aug 2001 10:26:26 GMT
etag: "b56-38b66c1e3f880"
accept-ranges: bytes
content-length: 2902
content-type: image/gif
X-Firefox-Spdy: h2

allgaeustrom.zip/

0.0.0.0

0 B

URL User Request GET
allgaeustrom.zip/
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	low	ET INFO HTTP Request to a *.zip Domain
suricata	low	ET INFO HTTP Request to a *.zip Domain

HTTP Headers

GET / HTTP/1.1
Host: allgaeustrom.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

allgaeustrom.zip/

213.182.0.82

200 OK

3.0 kB

URL User Request GET
allgaeustrom.zip/
IP
213.182.0.82:80
ASN
#12931 IDKOM Networks GmbH

File type
HTML document, ASCII text, with very long lines (306)
Size
3.0 kB (2970 bytes)
Hash
2ba35bea15bdcad2cee7243c2114a1d0
14739e92751f3966a06bddc4c92c493142e13f56
3b99928c7a64b7c44bc76e952a66be06a7a5f59b212a28b251a58925721fe41a

Detections

NIDS	Severity	Alert
suricata	low	ET INFO HTTP Request to a *.zip Domain
suricata	low	ET INFO HTTP Request to a *.zip Domain

HTTP Headers

GET / HTTP/1.1
Host: allgaeustrom.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 14 Apr 2025 15:24:39 GMT
Server: Apache
Keep-Alive: timeout=4, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-1

gfxsrc.idkom.de/misc/speedparking/idkom.gif

213.182.13.62

200 OK

1.5 kB

URL GET
gfxsrc.idkom.de/misc/speedparking/idkom.gif
IP
213.182.13.62:443
ASN
#12931 IDKOM Networks GmbH

Requested by
http://allgaeustrom.zip/
Certificate
IssuerSectigo Limited
Subject*.idkom.de
Fingerprint6C:06:95:81:08:BA:1F:38:BB:7F:A9:9D:57:FB:BC:A5:47:C8:20:50
ValidityTue, 07 Jan 2025 00:00:00 GMT - Fri, 06 Feb 2026 23:59:59 GMT

File type
GIF image data, version 89a, 79 x 14
Size
1.5 kB (1538 bytes)
Hash
9e299767fdb28017be1c9c7f63f17c0b
e6c709abc235e8807368eb728d67d27ba9e52ce0
740f030ea7e5ebf8d49e13dc2aa943756f9445be949c888b7df45e916eac79b4

HTTP Headers

GET /misc/speedparking/idkom.gif HTTP/1.1
Host: gfxsrc.idkom.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://allgaeustrom.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 14 Apr 2025 15:24:40 GMT
server: Apache
last-modified: Tue, 12 Dec 2006 11:46:45 GMT
etag: "602-42466d6273340"
accept-ranges: bytes
content-length: 1538
content-type: image/gif
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (9)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP

ASN

File type

Size