Overview

URL: c.k429fma.com/b/1/1040/gdd9fid.swf?uid=319063&hlogo=1
IP: 116.10.189.226
ASN: AS4134 Chinanet
Location: China
Report completed: 2017-03-21 02:57:58 CET
urlQuery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Pool:
Access Level: public


Intrusion Detection Systems

Snort w/ Sourcefire VRT: No alerts detected
Suricata w/ Emerging Threats Pro: No alerts detected


Blacklists

Fortinet's Web Filter / fortiguard.com: No alerts detected
MDL / malwaredomainlist.com: No alerts detected
DNS-BH / malwaredomains.com: No alerts detected
mnemonic secure DNS / mnemonic.no: No alerts detected
OpenPhish / openphish.com: No alerts detected
PhishTank / phishtank.com: No alerts detected
Spamhaus DBL / spamhaus.org: No alerts detected


Files Captured



Recent reports on same IP/ASN/Domain

Last 4 reports on IP: 116.10.189.226

Date                 UQ / IDS / BL  URL                                                    IP
2017-03-21 02:56:09  0 - 0 - 0      c.k429fma.com/b/1/604/gdd9fid.swf?uid=319063&hlogo=1   116.10.189.226
2017-03-14 05:43:18  0 - 0 - 1      log.he2d.com/dsp/cm?t=2                                116.10.189.226
2017-03-14 05:43:10  0 - 0 - 1      c.u38sn2a.com/s/1/1840/29168.html?uid=409484           116.10.189.226
2017-02-13 20:53:46  0 - 0 - 1      g.d90t3m.com/1/823.html                                116.10.189.226

Last 6 reports on ASN: AS4134 Chinanet

Date                 UQ / IDS / BL  URL                                                    IP
2017-04-25 02:46:02  0 - 0 - 4      www.chinatefl.com/ChinaTEFL/agency/index.htm           115.236.19.38
2017-04-25 02:44:25  0 - 0 - 1      rahuifeng.com/News/NewsDet.asp?DetID=63                60.190.114.165
2017-04-25 02:29:24  0 - 0 - 1      bbs.sunwy.org/forum.php?mod=attachment                 113.106.88.238
2017-04-25 02:27:00  0 - 0 - 1      488u.com/qseb/gl/list_5389_4.html                      122.224.34.27
2017-04-25 02:25:11  0 - 0 - 1      488u.com/bessg/gl/2015/0722/139154.html                122.224.34.27
2017-04-25 02:21:44  0 - 0 - 1      downb.nj6ce.com/setup_0.0.2.exe                        122.228.207.246

Last 6 reports on domain: c.k429fma.com

Date                 UQ / IDS / BL  URL                                                                                        IP
2017-04-24 08:42:14  0 - 0 - 1      c.k429fma.com/s/1/1544/0.html?uid=1410454&ext=ZjggICAgICAgICAgMTZRVFFQVFVUTFFUVllVTFNYWVBMU (...)  61.188.87.111
2017-03-29 22:09:57  0 - 0 - 1      c.k429fma.com/b/1/746/efd9fkd.swf?uid=207916&hlogo=1                                       61.188.87.111
2017-03-21 02:56:09  0 - 0 - 0      c.k429fma.com/b/1/604/gdd9fid.swf?uid=319063&hlogo=1                                       116.10.189.226
2017-03-21 02:54:30  0 - 0 - 0      c.k429fma.com/b/1/1388/gdd9fid.swf?uid=319063&hlogo=1                                      14.18.238.176
2017-03-21 02:23:04  0 - 0 - 0      c.k429fma.com/b/1/1040/gdd9fid.swf?uid=319063&hlogo=1                                      218.98.115.31
2017-03-21 02:20:55  0 - 0 - 0      c.k429fma.com/b/1/610/gdd9fid.swf?uid=319063&hlogo=1                                       61.188.87.111



JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (5)


Transaction 1

Request (server IP: 61.188.87.111)
GET /b/1/1040/gdd9fid.swf?uid=319063&hlogo=1 HTTP/1.1
Host: c.k429fma.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response
HTTP/1.1 200 OK
Content-Type: application/x-shockwave-flash
Server: nginx/1.4.2
Date: Tue, 21 Mar 2017 01:57:04 GMT
Content-Length: 26035
Connection: keep-alive
Last-Modified: Mon, 20 Mar 2017 13:06:35 GMT
Etag: "58cfd3db-65b3"
Expires: Tue, 21 Mar 2017 02:07:45 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes

Transaction 2

Request (server IP: 195.159.219.11)
GET /get/flashplayer/update/current/xml/version_en_win_pl.xml HTTP/1.1
Host: fpdownload2.macromedia.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response
HTTP/1.1 200 OK
Content-Type: text/xml
Server: Apache
Last-Modified: Tue, 14 Mar 2017 09:02:23 GMT
Etag: "60c-54aad1616fc09"
Accept-Ranges: bytes
Content-Length: 1548
Date: Tue, 21 Mar 2017 01:57:06 GMT
Connection: keep-alive

Transaction 3

Request (server IP: 61.188.87.111)
GET /favicon.ico HTTP/1.1
Host: c.k429fma.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: nginx/1.4.2
Date: Tue, 21 Mar 2017 01:57:05 GMT
Content-Length: 168
Connection: keep-alive

Transaction 4

Request (server IP: 203.130.60.50)
GET /swfs/2f/3573835715dsadasdasd/gkd8md.flv HTTP/1.1
Host: sccdn.50zera.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response
HTTP/1.1 200 OK
Content-Type: video/x-flv
Date: Tue, 21 Mar 2017 01:56:14 GMT
Server: nginx/1.4.2
Content-Length: 803086
Last-Modified: Tue, 14 Mar 2017 09:12:48 GMT
Etag: "58c7b410-c410e"
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 td50:3 (Cdn Cache Server V2.0)
Connection: keep-alive

Transaction 5

Request (server IP: 61.188.87.111)
GET /favicon.ico HTTP/1.1
Host: c.k429fma.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: nginx/1.4.2
Date: Tue, 21 Mar 2017 01:57:08 GMT
Content-Length: 168
Connection: keep-alive