Overview

URL: wozhiyou.org/downloadlist.aspx
IP: 60.190.240.90
ASN: AS4134 Chinanet
Location: China
Report completed: 2017-04-21 16:06:49 CET
urlQuery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; ar; rv:1.9.2.18) Gecko/20110614 Firefox/3.6.18
Referer:
Pool:
Access Level: public


Intrusion Detection Systems

Snort /w Sourcefire VRT: No alerts detected
Suricata /w Emerging Threats Pro: No alerts detected


Blacklists

Fortinet's Web Filter / fortiguard.com
Added / Verified  Severity  Host                            Comment
2017-04-21        2         wozhiyou.org/downloadlist.aspx  Malware
2017-04-21        2         wozhiyou.org/js/jquery.js       Malware

MDL / malwaredomainlist.com: No alerts detected
DNS-BH / malwaredomains.com: No alerts detected
mnemonic secure DNS / mnemonic.no: No alerts detected
OpenPhish / openphish.com: No alerts detected
PhishTank / phishtank.com: No alerts detected
Spamhaus DBL / spamhaus.org: No alerts detected


Files Captured



Recent reports on same IP/ASN/Domain

Last 6 reports on ASN: AS4134 Chinanet

Date                 UQ / IDS / BL  URL  IP
2017-04-29 11:04:17  0 - 0 - 1      down23.7r7z.com/down/setup_523i66b.exe  221.234.40.46
2017-04-29 10:59:55  0 - 0 - 1      xz1.uzzf.com/adesk2012zc.zip  61.183.52.15
2017-04-29 10:53:24  0 - 0 - 1      down23.7r7z.com/down/setup_524jehh.exe  122.228.207.246
2017-04-29 10:53:19  0 - 0 - 1      down23.7r7z.com/down/game_358b1cx.exe  122.228.207.246
2017-04-29 10:51:27  0 - 0 - 1      down23.7r7z.com/down/setup_540ezw5.exe  122.228.207.246
2017-04-29 10:44:01  0 - 0 - 1      hgsfgw.gov.cn/d/file/tzgg/2012-04-06/bfc5131bea850ef835db13a416970877.rar  61.184.136.213



JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (4)


Request Response
GET /css/common.css HTTP/1.1
Host: wozhiyou.org
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; ar; rv:1.9.2.18) Gecko/20110614 Firefox/3.6.18
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://wozhiyou.org/downloadlist.aspx
 60.190.240.90
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 6925
Last-Modified: Thu, 18 Sep 2014 03:06:03 GMT
Accept-Ranges: bytes
Etag: "7ae72c7bedd2cf1:75e2"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 21 Apr 2017 14:06:01 GMT

GET /downloadlist.aspx HTTP/1.1
Host: wozhiyou.org
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; ar; rv:1.9.2.18) Gecko/20110614 Firefox/3.6.18
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 60.190.240.90
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Fri, 21 Apr 2017 14:06:01 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Length: 240743

GET /imgs/webconfig/index.jpg HTTP/1.1
Host: wozhiyou.org
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; ar; rv:1.9.2.18) Gecko/20110614 Firefox/3.6.18
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://wozhiyou.org/downloadlist.aspx
 60.190.240.90
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 65616
Last-Modified: Tue, 04 Aug 2015 05:08:47 GMT
Accept-Ranges: bytes
Etag: "20daeca473ced01:75e2"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 21 Apr 2017 14:06:01 GMT

GET /js/jquery.js HTTP/1.1
Host: wozhiyou.org
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; ar; rv:1.9.2.18) Gecko/20110614 Firefox/3.6.18
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://wozhiyou.org/downloadlist.aspx
 60.190.240.90
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 252881
Last-Modified: Thu, 18 Sep 2014 03:05:41 GMT
Accept-Ranges: bytes
Etag: "c0bb336eedd2cf1:75e2"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 21 Apr 2017 14:06:01 GMT