Overview

URL: ajmanbusinesssetup.com/me/workNEW2017K.exe
IP: 198.54.116.117
ASN: Unknown
Location: United States
Report completed: 2017-01-12 11:15:34 CET
urlQuery Alerts: No alerts detected


Settings

UserAgent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
Referer:
Pool:
Access Level: public


Intrusion Detection Systems

Snort /w Sourcefire VRT: No alerts detected
Suricata /w Emerging Threats Pro: No alerts detected


Blacklists

Fortinet's Web Filter / fortiguard.com: No alerts detected
MDL / malwaredomainlist.com: No alerts detected
DNS-BH / malwaredomains.com: No alerts detected
mnemonic secure DNS / mnemonic.no:
Added / Verified | Severity | Host | Comment
2017-01-12 | 2 | ajmanbusinesssetup.com | Blacklisted
OpenPhish / openphish.com: No alerts detected
PhishTank / phishtank.com: No alerts detected
Spamhaus DBL / spamhaus.org: No alerts detected


Files Captured



Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 198.54.116.117

Date | UQ / IDS / BL | URL | IP
2017-01-12 19:23:01 | 0 - 0 - 26 | ajmanbusinesssetup.com/me/workNEW2017K.exe | 198.54.116.117
2017-01-12 17:31:19 | 0 - 0 - 1 | ajmanbusinesssetup.com/me/newtransfer.exe | 198.54.116.117
2017-01-12 03:06:51 | 0 - 0 - 1 | ajmanbusinesssetup.com/me/newtransfer.exe | 198.54.116.117
2017-01-11 18:56:39 | 0 - 0 - 26 | ajmanbusinesssetup.com/me/NEW2017K.exe | 198.54.116.117
2017-01-11 11:35:40 | 0 - 0 - 1 | ajmanbusinesssetup.com/me/NEW2017K.exe | 198.54.116.117
2017-01-11 03:23:00 | 0 - 0 - 26 | ajmanbusinesssetup.com/me/aheavenstub.exe | 198.54.116.117

Last 6 reports on ASN: Unknown

Date | UQ / IDS / BL | URL | IP
2017-01-22 23:17:24 | 0 - 0 - 0 | https://l.facebook.com/l.php?u=https%3A%2F%2Fwww.centraltexasfoodbank.org%2Fsites%2Fdefault%2Ff (...) | 157.240.11.35
2017-01-22 23:17:09 | 0 - 0 - 1 | dlc.applycertain.ru/download/12/YXZgYGY6cG1uayYyMWtHVVtBU0FNTklKRwVDXUtdUUVXW0FGXhlMVkoUWFxKXh8 (...) | 34.248.229.126
2017-01-22 23:12:47 | 0 - 0 - 25 | criminallawfirm.mobi/Lesley/estateportfolio/adobes/9f9c3cde4b9494be39e1b622543e4d7f/index2.htm | 107.154.105.196
2017-01-22 23:11:22 | 0 - 0 - 1 | lamaisondeloiselier.com/adobe/adobe.htm | 185.140.47.101
2017-01-22 23:09:39 | 0 - 0 - 0 | https://www.netimpact.org/sites/default/files/webform/TV-Live-show-Packers-v-s-Falcons-st-r.ea- (...) | 161.47.5.177
2017-01-22 23:09:17 | 0 - 0 - 0 | https://www.netimpact.org/sites/default/files/webform/TV-Live-show-Packers-v-s-Falcons-st-r.ea- (...) | 161.47.5.177

Last 6 reports on domain: ajmanbusinesssetup.com

Date | UQ / IDS / BL | URL | IP
2017-01-12 19:23:01 | 0 - 0 - 26 | ajmanbusinesssetup.com/me/workNEW2017K.exe | 198.54.116.117
2017-01-12 17:31:19 | 0 - 0 - 1 | ajmanbusinesssetup.com/me/newtransfer.exe | 198.54.116.117
2017-01-12 03:06:51 | 0 - 0 - 1 | ajmanbusinesssetup.com/me/newtransfer.exe | 198.54.116.117
2017-01-11 18:56:39 | 0 - 0 - 26 | ajmanbusinesssetup.com/me/NEW2017K.exe | 198.54.116.117
2017-01-11 11:35:40 | 0 - 0 - 1 | ajmanbusinesssetup.com/me/NEW2017K.exe | 198.54.116.117
2017-01-11 03:23:00 | 0 - 0 - 26 | ajmanbusinesssetup.com/me/aheavenstub.exe | 198.54.116.117



JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (1)


Request
GET /me/workNEW2017K.exe HTTP/1.1
Host: ajmanbusinesssetup.com
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response from 198.54.116.117
HTTP/1.1 200 OK
Content-Type: application/x-msdownload
Date: Thu, 12 Jan 2017 10:14:51 GMT
Server: Apache
Last-Modified: Wed, 11 Jan 2017 07:49:25 GMT
Accept-Ranges: bytes
Content-Length: 872226