Overview

URLhttp://leaf-br0dc0m.com/lk10xzap7k5jqts7y2xrptiumiziawq9ntq3ode1ytc0mjk0zdm0ytg5nmm2nji4yza2ndjmodkzyjewzmu5yizhawq9mjaymjmmc2lkptamcmq9mti3ntmyodkxma==06g
IP141.8.225.7
ASNAS40034 Confluence Networks Inc
Location Switzerland
Report completed2012-11-07 17:18:41 CET
StatusLoading report..
urlQuery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Adobe Reader8.0
Java1.6.0_26


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Source IP Destination IP Severity Alert
2012-11-07 17:18:07 urlQuery Client 141.8.225.71ETPRO TROJAN Trojan.Win32.Ctfmon.A Checkin
Snort /w Sourcefire VRT No alerts detected


Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 141.8.225.7

Date Alerts / IDS URL IP
2013-02-26 18:53:000 / 0http://141.8.225.7141.8.225.7
2013-02-06 21:13:010 / 0http://cuitab.com/new/5b9131be1be/ed9285f3ec5.jar141.8.225.7
2013-02-05 18:02:340 / 0http://antalmo44.com/_cp/gate.php141.8.225.7
2013-02-05 12:42:290 / 0http://antalmo55.com/_cp/gate.php141.8.225.7
2013-02-05 06:17:220 / 0http://141.8.225.7141.8.225.7
2012-12-31 19:20:030 / 0http://fridayalways.com/glusa/files/common.jar141.8.225.7

Last 6 reports on ASN: AS40034 Confluence Networks Inc

Date Alerts / IDS URL IP
2013-02-27 05:40:380 / 1http://casbygroup.com/images/logos.gif?21be0=414624199.79.62.205
2013-02-27 05:40:280 / 1http://casbygroup.com/images/logos.gif?2039f=395997199.79.62.205
2013-02-27 05:40:210 / 1http://casbygroup.com/images/logos.gif?1f8ab=904365199.79.62.205
2013-02-27 05:40:170 / 1http://casbygroup.com/images/logos.gif?1d51c=840644199.79.62.205
2013-02-27 05:40:140 / 1http://casbygroup.com/images/logos.gif?1e151=616085199.79.62.205
2013-02-27 05:40:130 / 1http://casbygroup.com/images/logos.gif?1ed8f=1137159199.79.62.205

Last 6 reports on domain: leaf-br0dc0m.com

Date Alerts / IDS URL IP
2013-02-20 04:38:540 / 2http://leaf-br0dc0m.com/yKu1Gx5P6P3jdFo1Y2xrPTIuMiZiaWQ9NTQ3ODE1YTc0Mjk0ZDM0YTg5NmM2NjI4YzA2NDJ (...)69.43.161.180
2013-02-20 04:34:410 / 2http://leaf-br0dc0m.com/pv645r5d7n7yjas9y2xrptiumiziawq9ntq3ode1ytc0mjk0zdm0ytg5nmm2nji4yza2ndj (...)69.43.161.180
2013-02-20 04:34:360 / 2http://leaf-br0dc0m.com/hzx02gze7l6j61c1y2xrptiumiziawq9ntq3ode1ytc0mjk0zdm0ytg5nmm2nji4yza2ndj (...)69.43.161.180
2013-02-06 23:08:380 / 4http://leaf-br0dc0m.com/ckm2damx7o4mfio7y2xrptmumyziawq9zjqxowm3ntjlnzuzzwezyjbmyjvmngu2mjdizdg (...)69.43.161.180
2013-02-06 10:02:480 / 6http://leaf-br0dc0m.com/dvn3p82d8a4qx3c9y2xrptiumiziawq9ntq3ode1ytc0mjk0zdm0ytg5nmm2nji4yza2ndj (...)69.43.161.180
2013-02-04 06:26:190 / 4http://leaf-br0dc0m.com/tks26xjx647m0oc0y2xrptiumiziawq9ntiwn2m4mmiyzgmzmtu5nzg4yji5zmjkotbhyja (...)69.43.161.180



JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (3)


Request Response 
GET /lk10xzap7k5jqts7y2xrptiumiziawq9ntq3ode1ytc0mjk0zdm0ytg5nmm2nji4yza2ndjmodkzyjewzmu5yizhawq9mjaymjmmc2lkptamcmq9mti3ntmyodkxma==06g HTTP/1.1

Host: leaf-br0dc0m.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 
HTTP/1.1 200 OK

Content-Type: text/html; charset=UTF-8

Date: Wed, 07 Nov 2012 16:18:07 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.3.16
Set-Cookie: gvc=910vr998506871527311; expires=Mon, 06-Nov-2017 16:18:07 GMT; path=/; domain=leaf-br0dc0m.com; httponly
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 58
Keep-Alive: timeout=5, max=128
Connection: Keep-Alive
GET /favicon.ico HTTP/1.1

Host: leaf-br0dc0m.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: gvc=910vr998506871527311
 
HTTP/1.1 404 Not Found

Content-Type: text/html; charset=iso-8859-1

Date: Wed, 07 Nov 2012 16:18:07 GMT
Server: Apache/2.2.3 (Red Hat)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30
Keep-Alive: timeout=5, max=127
Connection: Keep-Alive
GET /favicon.ico HTTP/1.1

Host: leaf-br0dc0m.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: gvc=910vr998506871527311
 
HTTP/1.1 404 Not Found

Content-Type: text/html; charset=iso-8859-1

Date: Wed, 07 Nov 2012 16:18:10 GMT
Server: Apache/2.2.3 (Red Hat)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30
Keep-Alive: timeout=5, max=126
Connection: Keep-Alive