Overview

URL: xiazai.xiazaijia.cc/cx/160105/1/%E6%96%97%E9%B1%BCtv%E7%94%B5%E8%84%91%E5%AE%A2%E6%88%B7%C3%A7%C2%AB202.0.4%E5%AE%98%E6%96%B9%E6%9C%80%E6%96%B0%E7%89%88@28_111712.exe
IP: 59.45.79.75
ASN: AS4134 Chinanet
Location: China
Report completed: 2017-04-21 11:08:19 CET
urlQuery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.0; SV1; .NET CLR 3.0.04506; .NET CLR 3.5.21022)
Referer:
Pool:
Access Level: public


Intrusion Detection Systems

Snort /w Sourcefire VRT: No alerts detected
Suricata /w Emerging Threats Pro: No alerts detected


Blacklists

Fortinet's Web Filter / fortiguard.com
Added / Verified | Severity | Host | Comment
2017-04-21 | 2 | xiazai.xiazaijia.cc/cx/160105/1/%E6%96%97%E9%B1%BCtv%E7%94%B5%E8%84%91%E5%AE%A2%E6%88%B7%C3%A7%C2%AB | Malware

MDL / malwaredomainlist.com: No alerts detected
DNS-BH / malwaredomains.com: No alerts detected
mnemonic secure DNS / mnemonic.no: No alerts detected
OpenPhish / openphish.com: No alerts detected
PhishTank / phishtank.com: No alerts detected
Spamhaus DBL / spamhaus.org: No alerts detected


Files Captured

(none listed)

Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 59.45.79.75

Date | UQ / IDS / BL | URL | IP
2017-05-23 15:36:00 | 0 - 0 - 1 | down04985148.xiazaijia.net/cx/160624/16/1080p-hd?????????????????????-iqiyi@288_1_5.e (...) | 59.45.79.75
2017-05-23 14:07:07 | 0 - 0 - 1 | down.xiazaidown.com/cx/160624/2/myeclipse2016ci@85_21581.exe | 59.45.79.75
2017-05-23 13:31:17 | 0 - 0 - 1 | down.xiazaidown.com/cx/160624/2/myeclipse2016ci%E7%A0%B4%E8%A7%A3%E7%89%88@85_21581.e (...) | 59.45.79.75
2017-05-23 12:54:35 | 0 - 0 - 1 | down.xiazaidown.com/cx/160624/2/zidogxsdsv2.0@2243_96612.exe | 59.45.79.75
2017-05-23 12:46:17 | 0 - 0 - 1 | down04981611.xiazaijia.net/cx/160624/16/10@19_334265DV9.9.0.8@84_11005.exe | 59.45.79.75
2017-05-23 12:19:09 | 0 - 0 - 1 | down04981893.xiazaijia.net/cx/160624/16/%E6%9C%89%E5%B7%A5%E4%BD%96%C2%83%C2%A0%E6%99 (...) | 59.45.79.75

Last 6 reports on ASN: AS4134 Chinanet

Date | UQ / IDS / BL | URL | IP
2017-05-23 16:46:48 | 0 - 0 - 1 | down.90370.com/game/gametool/cheatengine_cn.zip | 221.234.40.5
2017-05-23 16:46:42 | 0 - 0 - 1 | nvdwg.15311223344.com/YouXiHe/setup3.exe | 115.231.153.8
2017-05-23 16:46:38 | 0 - 0 - 1 | wknnx78.15311223344.com/YouXiHe/setup3.exe | 115.231.153.8
2017-05-23 16:46:02 | 0 - 0 - 1 | eul.15311223344.com/YouXiHe/setup3.exe | 115.231.153.8
2017-05-23 16:46:01 | 0 - 0 - 1 | rrennp.15311223344.com/YouXiHe/setup3.exe | 115.231.153.8
2017-05-23 16:45:56 | 0 - 0 - 1 | 0cob6zm1.15311223344.com/YouXiHe/setup3.exe | 115.231.153.8

Last 6 reports on domain: xiazai.xiazaijia.cc

Date | UQ / IDS / BL | URL | IP
2017-05-23 12:00:01 | 0 - 0 - 1 | xiazai.xiazaijia.cc/cx/4/corelpaic2%C2%BF%C3%A9%C2%B0%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF (...) | 59.45.79.75
2017-05-23 07:35:36 | 0 - 0 - 1 | xiazai.xiazaijia.cc/cx/160225/1/????????????????????????@118_2122.exe | 59.45.79.75
2017-05-23 04:02:01 | 0 - 0 - 1 | xiazai.xiazaijia.cc/cx/160225/1/????????????????????????@118_2122.exe | 59.45.79.75
2017-05-23 02:15:03 | 0 - 0 - 1 | xiazai.xiazaijia.cc/cx/160225/2/vst3.1.0@84_33833.exe | 59.45.79.75
2017-05-23 01:49:02 | 0 - 0 - 1 | xiazai.xiazaijia.cc/cx/160225/2/vst%E5%85%A8%E8%81%9A%E5%90%88%E7%94%B5%E8%84%91%E7%89%883.1.0@ (...) | 59.45.79.75
2017-05-22 23:09:01 | 0 - 0 - 1 | xiazai.xiazaijia.cc/cx/160225/1/verycd??easymule@899_1063.exe | 59.45.79.75



JavaScript

Executed Scripts (2)
Executed Evals (0)
Executed Writes (0)



HTTP Transactions (1)

Request:

GET /cx/160105/1/%E6%96%97%E9%B1%BCtv%E7%94%B5%E8%84%91%E5%AE%A2%E6%88%B7%C3%A7%C2%AB202.0.4%E5%AE%98%E6%96%B9%E6%9C%80%E6%96%B0%E7%89%88@28_111712.exe HTTP/1.1
Host: xiazai.xiazaijia.cc
User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.0; SV1; .NET CLR 3.0.04506; .NET CLR 3.5.21022)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response: (not shown in report)