Overview

URL: c.k429fma.com/b/1/1040/gdd9fid.swf?uid=319063&hlogo=1
IP: 116.10.189.226
ASN: AS4134 Chinanet
Location: China
Report completed: 2017-03-21 02:57:58 CET
urlQuery Alerts: No alerts detected


Settings

User Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer: (none)
Pool: (none)
Access Level: public


Intrusion Detection Systems

Snort w/ Sourcefire VRT: No alerts detected
Suricata w/ Emerging Threats Pro: No alerts detected


Blacklists

Fortinet's Web Filter / fortiguard.com No alerts detected
MDL / malwaredomainlist.com No alerts detected
DNS-BH / malwaredomains.com No alerts detected
mnemonic secure DNS / mnemonic.no No alerts detected
OpenPhish / openphish.com No alerts detected
PhishTank / phishtank.com No alerts detected
Spamhaus DBL / spamhaus.org No alerts detected


Files Captured



Recent reports on same IP/ASN/Domain

Last 4 reports on IP: 116.10.189.226

Date                | UQ / IDS / BL | URL                                                   | IP
2017-03-21 02:56:09 | 0 - 0 - 0     | c.k429fma.com/b/1/604/gdd9fid.swf?uid=319063&hlogo=1  | 116.10.189.226
2017-03-14 05:43:18 | 0 - 0 - 1     | log.he2d.com/dsp/cm?t=2                               | 116.10.189.226
2017-03-14 05:43:10 | 0 - 0 - 1     | c.u38sn2a.com/s/1/1840/29168.html?uid=409484          | 116.10.189.226
2017-02-13 20:53:46 | 0 - 0 - 1     | g.d90t3m.com/1/823.html                               | 116.10.189.226

Last 6 reports on ASN: AS4134 Chinanet

Date                | UQ / IDS / BL | URL                                                                              | IP
2017-03-26 18:56:15 | 0 - 0 - 1     | cl.zasuv.com/download/WIN7_31@68290.exe                                          | 183.131.168.153
2017-03-26 18:47:35 | 0 - 0 - 12    | www.hahaoffice.com/                                                              | 59.38.33.170
2017-03-26 18:46:35 | 0 - 0 - 0     | 218.93.252.75                                                                    | 218.93.252.75
2017-03-26 18:43:17 | 0 - 0 - 1     | cl.ssouy.com/download/wifi%E5%88%86%E6%9E%90%E4%BB%AApc%E7%89%88_30@141568.exe   | 183.131.168.153
2017-03-26 18:40:50 | 0 - 0 - 1     | jpkc.whvcse.com/                                                                 | 221.234.230.20
2017-03-26 18:37:24 | 0 - 0 - 9     | www.syoubz.com/index.php?p=3                                                     | 124.173.156.11

Last 4 reports on domain: c.k429fma.com

Date                | UQ / IDS / BL | URL                                                   | IP
2017-03-21 02:56:09 | 0 - 0 - 0     | c.k429fma.com/b/1/604/gdd9fid.swf?uid=319063&hlogo=1  | 116.10.189.226
2017-03-21 02:54:30 | 0 - 0 - 0     | c.k429fma.com/b/1/1388/gdd9fid.swf?uid=319063&hlogo=1 | 14.18.238.176
2017-03-21 02:23:04 | 0 - 0 - 0     | c.k429fma.com/b/1/1040/gdd9fid.swf?uid=319063&hlogo=1 | 218.98.115.31
2017-03-21 02:20:55 | 0 - 0 - 0     | c.k429fma.com/b/1/610/gdd9fid.swf?uid=319063&hlogo=1  | 61.188.87.111



JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (5)


Request / Response
GET /b/1/1040/gdd9fid.swf?uid=319063&hlogo=1 HTTP/1.1

Host: c.k429fma.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 61.188.87.111
HTTP/1.1 200 OK
Content-Type: application/x-shockwave-flash
Server: nginx/1.4.2
Date: Tue, 21 Mar 2017 01:57:04 GMT
Content-Length: 26035
Connection: keep-alive
Last-Modified: Mon, 20 Mar 2017 13:06:35 GMT
Etag: "58cfd3db-65b3"
Expires: Tue, 21 Mar 2017 02:07:45 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes
GET /get/flashplayer/update/current/xml/version_en_win_pl.xml HTTP/1.1

Host: fpdownload2.macromedia.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 195.159.219.11
HTTP/1.1 200 OK
Content-Type: text/xml
Server: Apache
Last-Modified: Tue, 14 Mar 2017 09:02:23 GMT
Etag: "60c-54aad1616fc09"
Accept-Ranges: bytes
Content-Length: 1548
Date: Tue, 21 Mar 2017 01:57:06 GMT
Connection: keep-alive
GET /favicon.ico HTTP/1.1

Host: c.k429fma.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 61.188.87.111
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: nginx/1.4.2
Date: Tue, 21 Mar 2017 01:57:05 GMT
Content-Length: 168
Connection: keep-alive
GET /swfs/2f/3573835715dsadasdasd/gkd8md.flv HTTP/1.1

Host: sccdn.50zera.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 203.130.60.50
HTTP/1.1 200 OK
Content-Type: video/x-flv
Date: Tue, 21 Mar 2017 01:56:14 GMT
Server: nginx/1.4.2
Content-Length: 803086
Last-Modified: Tue, 14 Mar 2017 09:12:48 GMT
Etag: "58c7b410-c410e"
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 td50:3 (Cdn Cache Server V2.0)
Connection: keep-alive
GET /favicon.ico HTTP/1.1

Host: c.k429fma.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 61.188.87.111
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: nginx/1.4.2
Date: Tue, 21 Mar 2017 01:57:08 GMT
Content-Length: 168
Connection: keep-alive