Overview

URL url.gg1z.com/down/%C3%A7%C2%88%C2%86%C3%A6%C2%9E%C2%AA%C3%A8%C2%8B%C2%B1%C3%A9%C2%9B%C2%84%C3%A7%C2%A9%C2%BA%C3%A5%C2%BD%C2%B1%C3%A8%C2%BE%C2%85%C3%A5%C2%8A%C2%A9%20v0.1%C3%A6%C2%9C%C2%80%C3%A6%C2%96%C2%B0%C3%A7%C2%89%C2%88%C3%A4%C2%B8%C2%8B%C3%A8%C2%BD%C2%BD@36_10705.exe
IP 172.106.224.163
ASN Unknown
Location United States
Report completed 2017-01-12 11:14:16 CET
urlQuery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level public


Intrusion Detection Systems

Snort /w Sourcefire VRT No alerts detected
Suricata /w Emerging Threats Pro No alerts detected


Blacklists

Fortinet's Web Filter / fortiguard.com
Added / Verified | Severity | Host | Comment
2017-01-12 | 2 | url.gg1z.com/down/%C3%A7%C2%88%C2%86%C3%A6%C2%9E%C2%AA%C3%A8%C2%8B%C2%B1%C3%A9%C2%9B%C2%84%C3%A7%C2% | Malware
MDL / malwaredomainlist.com No alerts detected
DNS-BH / malwaredomains.com No alerts detected
mnemonic secure DNS / mnemonic.no No alerts detected
OpenPhish / openphish.com No alerts detected
PhishTank / phishtank.com No alerts detected
Spamhaus DBL / spamhaus.org No alerts detected


Files Captured



Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 172.106.224.163

Date | UQ / IDS / BL | URL | IP
2017-02-05 10:41:48 | 0 - 0 - 1 | url.gg1z.com/down/????????????????????????v2.11?????????@36_12237.exe | 172.106.224.163
2017-02-05 10:41:48 | 0 - 0 - 1 | url.gg1z.com/down/51????????????????????????|51???????????????%201202%20????????????@ (...) | 172.106.224.163
2017-02-05 10:25:03 | 0 - 0 - 1 | url.gg1z.com/down/??????????v1.0?????@36_10211.exe | 172.106.224.163
2017-02-05 08:39:58 | 0 - 0 - 1 | url.gg1z.com/down/??£¤?¡ã?????? (...) | 172.106.224.163
2017-02-05 08:39:58 | 0 - 0 - 1 | url.gg1z.com/down/TNT%E6%9E%AA%E6%89%8B%E7%9E%84%E5%87%86%E5%99%A8%20v8.0%20%E5%85%8D (...) | 172.106.224.163
2017-02-05 08:38:57 | 0 - 0 - 1 | url.gg1z.com/down/??????????%20v1.0?????@36_10211.exe | 172.106.224.163

Last 6 reports on ASN: Unknown

Date | UQ / IDS / BL | URL | IP
2017-02-21 08:45:01 | 0 - 0 - 0 | emailadvertentie.net/ZSEKCLX8YwOkrOGh/unsubscribe | 81.171.24.156
2017-02-21 08:44:40 | 0 - 0 - 1 | upgradelive.upgradepcsafesystemset4now.info/?pcl=7a--wJTk8omhhyZLHpMQk1JNg4t-9ge0N3KpBxTxVkI. | 51.15.145.148
2017-02-21 08:42:06 | 0 - 0 - 1 | stats.devmaxcloud.com/apps.gif?action=update | 52.216.0.202
2017-02-21 08:41:02 | 0 - 0 - 0 | www.facebook.comhttps:///Fifty-Shades-Darker-Online-2017-Movie-405373773148064/ | 157.240.2.35
2017-02-21 08:41:02 | 0 - 0 - 0 | www.facebook.comhttps:///Fifty-Shades-Darker-Online-2017-Movie-405373773148064/ | 157.240.2.35
2017-02-21 08:40:02 | 0 - 0 - 0 | newsindustryde.com/login/link.php?M=61716&N=84&L=22&F=H | 138.68.53.233

Last 6 reports on domain: url.gg1z.com

Date | UQ / IDS / BL | URL | IP
2017-02-20 11:57:06 | 0 - 0 - 1 | url.gg1z.com/down/???????1??e%20?|????3a?|I?????????2?????-???iav1.7%20?|??a??%20?|????????e??? (...) | 23.252.161.180
2017-02-20 11:55:55 | 0 - 0 - 1 | url.gg1z.com/down/???????1??e%20?|????3a?|I?????????2?????-???iav1.7%20?|??a??%20?|????????e??? (...) | 23.252.161.180
2017-02-20 11:55:54 | 0 - 0 - 1 | url.gg1z.com/down/a??????e???a???a???a??e??e???e???a???a???e????(a??????e???a???e???a???a???)v0 (...) | 23.252.161.180
2017-02-20 10:32:21 | 0 - 0 - 1 | url.gg1z.com/down/?£¤??¡ã???????LM?????1? (...) | 23.252.161.180
2017-02-17 21:58:48 | 0 - 0 - 1 | url.gg1z.com/down/%C3%A8%C2%A1%C2%97%C3%A5%C2%A4%C2%B4%C3%A7%C2%AF%C2%AE%C3%A7%C2%90%C2%83%C3%A (...) | 23.252.161.180
2017-02-17 21:39:22 | 0 - 0 - 1 | url.gg1z.com/down/?????????????????????%20v3.7?????????@36_10828.exe | 23.252.161.180



JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (2)


Transaction 1

Request:
GET /down/%C3%A7%C2%88%C2%86%C3%A6%C2%9E%C2%AA%C3%A8%C2%8B%C2%B1%C3%A9%C2%9B%C2%84%C3%A7%C2%A9%C2%BA%C3%A5%C2%BD%C2%B1%C3%A8%C2%BE%C2%85%C3%A5%C2%8A%C2%A9%20v0.1%C3%A6%C2%9C%C2%80%C3%A6%C2%96%C2%B0%C3%A7%C2%89%C2%88%C3%A4%C2%B8%C2%8B%C3%A8%C2%BD%C2%BD@36_10705.exe HTTP/1.1
Host: url.gg1z.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (from 172.106.224.163):
HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Mon, 22 Feb 2016 09:31:13 GMT
Accept-Ranges: bytes
Etag: "80648c5536dd11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Thu, 12 Jan 2017 10:13:44 GMT
Content-Length: 753

Transaction 2

Request:
GET /favicon.ico HTTP/1.1
Host: url.gg1z.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (from 172.106.224.163):
HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Mon, 14 Apr 2014 06:28:44 GMT
Accept-Ranges: bytes
Etag: "0f6aec8aa57cf1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Thu, 12 Jan 2017 10:13:44 GMT
Content-Length: 1150