urlquery.net - Free url scanner

Overview

URL	http://vretyaswq.cu.cc/links/handling_gets-disappeared-womans.php?akrqztwe=0505030b34
IP	216.38.62.18
ASN	AS25847 ServInt
Location	United States
Report completed	2012-11-07 10:34:35 CET
Status	Loading report..
urlQuery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Adobe Reader	8.0
Java	1.6.0_26

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Source IP	Destination IP	Severity	Alert
2012-11-07 10:34:08	urlQuery Client	216.38.62.18	2	ET CURRENT_EVENTS HTTP Request to a *.cu.cc domain
2012-11-07 10:34:08	urlQuery Client	216.38.62.18	1	ET CURRENT_EVENTS Blackhole 2 Landing Page
2012-11-07 10:34:23	urlQuery Client	216.38.62.18	2	ET CURRENT_EVENTS HTTP Request to a *.cu.cc domain

Snort /w Sourcefire VRT

No alerts detected

Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 216.38.62.18

Date	Alerts / IDS	URL	IP
2013-02-12 02:04:38	0 / 4	http://murtus.cu.cc/links/fate_acted.php	216.38.62.18
2013-02-11 23:16:18	0 / 6	http://demjesr.cu.cc/data/ap2.php	216.38.62.18
2013-02-11 22:32:56	1 / 7	http://fasari.cu.cc/main.php?page=343e5113e5518782	216.38.62.18
2013-02-11 21:49:34	1 / 7	http://amajeser.cu.cc/main.php?page=343e5113e5518782	216.38.62.18
2013-02-11 21:49:26	0 / 6	http://gadiars.cu.cc/links/considered-cross_behalf_answered.php	216.38.62.18
2013-02-11 21:20:22	1 / 7	http://vertycv.cu.cc/main.php?page=343e5113e5518782	216.38.62.18

Last 6 reports on ASN: AS25847 ServInt

Date	Alerts / IDS	URL	IP
2013-02-12 17:45:09	1 / 5	http://www.lifeisa-journey.com/tag/peace/	207.58.168.51
2013-02-12 16:43:19	0 / 1	http://www.comunidadsi.com.ar/523281.php?cjtidizu	216.22.48.34
2013-02-12 16:03:18	2 / 3	http://shantikaushalfoundation.org/	207.58.185.34
2013-02-12 16:00:05	0 / 0	http://www.virtuozzo.com/en/splandingpage	64.131.90.8
2013-02-12 14:26:31	2 / 3	http://shantikaushalfoundation.org/	207.58.185.34
2013-02-12 05:21:04	0 / 3	http://3questionsgetthegirl.com/simple-trick-video/?afid=LinkTrust	207.58.184.243

Last 6 reports on domain: vretyaswq.cu.cc

Date	Alerts / IDS	URL	IP
2012-11-16 23:35:11	0 / 4	http://vretyaswq.cu.cc/links/fate_acted.php	216.38.62.18
2012-11-07 20:03:03	0 / 2	http://vretyaswq.cu.cc/links/fate_acted.php?yns=0505030b34	216.38.62.18
2012-11-07 11:25:26	0 / 4	http://vretyaswq.cu.cc/links/fate_acted.php?irlp=0505030b34	216.38.62.18
2012-11-07 11:25:24	0 / 2	http://vretyaswq.cu.cc/links/handling_gets-disappeared-womans.php?nhoquy=0505030b34	216.38.62.18
2012-11-07 11:22:46	0 / 2	http://vretyaswq.cu.cc/links/handling_gets-disappeared-womans.php?apqregm=0505030b34	216.38.62.18
2012-11-07 11:21:28	0 / 2	http://vretyaswq.cu.cc/links/handling_gets-disappeared-womans.php?klqizdk=0505030b34	216.38.62.18

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (3)

Request	Response
GET /links/handling_gets-disappeared-womans.php?akrqztwe=0505030b34 HTTP/1.1 Host: vretyaswq.cu.cc User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 302 Found Content-Type: text/html Date: Wed, 07 Nov 2012 09:33:59 GMT Server: Apache X-Powered-By: PHP/5.2.17 Location: http://cu.cc/free.php?domain=vretyaswq.cu.cc Content-Length: 0 Connection: close
GET /free.php?domain=vretyaswq.cu.cc HTTP/1.1 Host: cu.cc User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=iso-8859-1 Date: Wed, 07 Nov 2012 09:34:09 GMT Server: Apache Location: http://www.registry.cu.cc/free.php?domain=vretyaswq.cu.cc Content-Length: 265 Connection: close
GET /free.php?domain=vretyaswq.cu.cc HTTP/1.1 Host: www.registry.cu.cc User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive

Request

Response

GET /links/handling_gets-disappeared-womans.php?akrqztwe=0505030b34 HTTP/1.1

Host: vretyaswq.cu.cc


User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

HTTP/1.1 302 Found

Content-Type: text/html

Date: Wed, 07 Nov 2012 09:33:59 GMT
Server: Apache
X-Powered-By: PHP/5.2.17
Location: http://cu.cc/free.php?domain=vretyaswq.cu.cc
Content-Length: 0
Connection: close

GET /free.php?domain=vretyaswq.cu.cc HTTP/1.1

Host: cu.cc


User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

HTTP/1.1 301 Moved Permanently

Content-Type: text/html; charset=iso-8859-1

Date: Wed, 07 Nov 2012 09:34:09 GMT
Server: Apache
Location: http://www.registry.cu.cc/free.php?domain=vretyaswq.cu.cc
Content-Length: 265
Connection: close

GET /free.php?domain=vretyaswq.cu.cc HTTP/1.1

Host: www.registry.cu.cc


User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive