Overview

URL: www.pcfreesoft.com/download/NvidiaPVD.exe
IP: 184.168.221.96
ASN: AS26496 GoDaddy.com, LLC
Location: United States
Report completed: 2017-05-20 01:13:40 CET
urlQuery Alerts No alerts detected


Settings

UserAgent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
Referer:
Pool:
Access Level: public


Intrusion Detection Systems

Snort /w Sourcefire VRT No alerts detected
Suricata /w Emerging Threats Pro No alerts detected


Blacklists

Fortinet's Web Filter / fortiguard.com
Added / Verified | Severity | Host | Comment
2017-05-20 | 2 | www.pcfreesoft.com/ZWpQZ/download/NvidiaPVD.exe | Malware
2017-05-20 | 2 | www.pcfreesoft.com/img.aspx?q=L3MkWGAkYGHjZGVjBQR2ZwR3ZQR4ZGR4ZQVyZwMaWGAkZGNjAFHlAzHyZ3RyZwMhWGAkZP | Malware
2017-05-20 | 2 | www.pcfreesoft.com/ZbdRZ/ZWpQZ/download/NvidiaPVD.exe | Malware
MDL / malwaredomainlist.com No alerts detected
DNS-BH / malwaredomains.com No alerts detected
mnemonic secure DNS / mnemonic.no No alerts detected
OpenPhish / openphish.com No alerts detected
PhishTank / phishtank.com No alerts detected
Spamhaus DBL / spamhaus.org No alerts detected


Files Captured



Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 184.168.221.96

Date | UQ / IDS / BL | URL | IP
2017-06-27 22:52:06 | 0 - 0 - 3 | www.zeromalware.com/download/zmds3605.exe | 184.168.221.96
2017-06-27 16:59:36 | 0 - 0 - 3 | www.downloadupload.com/download/dudi10019.exe | 184.168.221.96
2017-06-27 16:00:51 | 0 - 0 - 3 | softwaresplash.com/download/MP3R.exe | 184.168.221.96
2017-06-27 11:43:04 | 0 - 0 - 3 | audioshareware.com/download/assr11022.exe | 184.168.221.96
2017-06-27 11:41:20 | 0 - 0 - 3 | pcfreesoft.com/download/DigitalPhotoSoftware.exe | 184.168.221.96
2017-06-27 11:32:54 | 0 - 0 - 3 | softwaresplash.com/download/SAMBcaster.exe | 184.168.221.96

Last 6 reports on ASN: AS26496 GoDaddy.com, LLC

Date | UQ / IDS / BL | URL | IP
2017-06-28 00:20:59 | 0 - 0 - 0 | reatamtitle.associatedinfra.com/Permission/%40%25!%24%23%26%5E%24 | 166.62.119.132
2017-06-28 00:20:29 | 0 - 0 - 0 | www.alancyril.com/product2_ext.php?wrong=qh26kkvdw8p8nq4 | 166.62.28.100
2017-06-28 00:14:28 | 0 - 0 - 1 | www.playfreegame.org/download/Roblox_Setup.exe | 107.180.40.137
2017-06-28 00:11:15 | 0 - 0 - 0 | LRCRealty.com | 184.168.47.225
2017-06-28 00:08:16 | 0 - 0 - 1 | www.thebingomaker.com/files/the-bingo-maker-v700-af-alt/setup_af.exe | 184.168.27.46
2017-06-28 00:06:16 | 0 - 0 - 1 | www.mzan.com/article/25903504-lombok-not-generating-getters-setters-with-luna-or-command-line-c (...) | 23.229.194.227

Last 6 reports on domain: www.pcfreesoft.com

Date | UQ / IDS / BL | URL | IP
2017-06-27 02:51:43 | 0 - 0 - 3 | www.pcfreesoft.com/download/Paint.NEt.exe | 184.168.221.96
2017-06-27 01:21:19 | 0 - 0 - 3 | www.pcfreesoft.com/download/Any%20Video%20Converter%20Free.exe | 184.168.221.96
2017-06-27 00:25:44 | 0 - 0 - 2 | www.pcfreesoft.com/download/GUs.exe | 184.168.221.96
2017-06-26 06:24:55 | 0 - 0 - 3 | www.pcfreesoft.com/download/SM8.exe | 184.168.221.96
2017-06-25 22:11:13 | 0 - 0 - 3 | www.pcfreesoft.com/download/ECE.exe | 184.168.221.96
2017-06-25 08:02:30 | 0 - 0 - 3 | www.pcfreesoft.com/download/YTD.exe | 184.168.221.96



JavaScript

Executed Scripts (12)


Executed Evals (0)


Executed Writes (3)

#1 JavaScript::Write (size: 35, repeated: 1)

<script>function test() {}</script>

#2 JavaScript::Write (size: 111, repeated: 1)

<script>try{window.parent.frames[0].location} catch(e){theParent.google.disallowedSameDomain_ = true;}</script>

#3 JavaScript::Write (size: 47, repeated: 1)

<script>var theParent = window.parent;</script>


HTTP Transactions (15)


Request Response
GET /ZWpQZ/download/NvidiaPVD.exe HTTP/1.1

Host: www.pcfreesoft.com

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 184.168.221.96
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 19 May 2017 23:12:39 GMT
Content-Length: 3912
Age: 1
Connection: keep-alive

GET /images/061703/spc_trans.gif HTTP/1.1

Host: ak2.imgaft.com

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.pcfreesoft.com/ZWpQZ/download/NvidiaPVD.exe
 195.159.219.17
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Wed, 08 Feb 2006 19:53:06 GMT
Accept-Ranges: bytes
Etag: "07d3047e92cc61:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 43
Cache-Control: max-age=3888000
Date: Fri, 19 May 2017 23:12:41 GMT
Connection: keep-alive

GET /script/jquery-1.3.1.min.js HTTP/1.1

Host: ak2.imgaft.com

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.pcfreesoft.com/ZWpQZ/download/NvidiaPVD.exe
 195.159.219.17
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Thu, 05 Jan 2012 22:46:08 GMT
Accept-Ranges: bytes
Etag: "1f269ad0fbcbcc1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 24336
Cache-Control: max-age=3888000
Date: Fri, 19 May 2017 23:12:41 GMT
Connection: keep-alive

GET /adsense/domains/caf.js HTTP/1.1

Host: www.google.com

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.pcfreesoft.com/ZWpQZ/download/NvidiaPVD.exe
 108.177.14.106
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Date: Fri, 19 May 2017 23:12:41 GMT
Expires: Fri, 19 May 2017 23:12:41 GMT
Cache-Control: private, max-age=3600
Etag: "4448816946785631783"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 1; mode=block

GET /sd?s=104842&f=1 HTTP/1.1

Host: as.casalemedia.com

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.pcfreesoft.com/ZWpQZ/download/NvidiaPVD.exe
 195.159.219.8
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
Server: Apache
Location: http://as.casalemedia.com/blank.html?s=104842&f=1
Content-Length: 261
Expires: Fri, 19 May 2017 23:12:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 19 May 2017 23:12:41 GMT
Connection: keep-alive

GET /images/cp/thm/header_14.jpg HTTP/1.1

Host: images-pw.secureserver.net

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.pcfreesoft.com/ZWpQZ/download/NvidiaPVD.exe
 50.63.202.127
HTTP/1.1 200 OK
Content-Type: image/jpeg
Cache-Control: max-age=34560000
Last-Modified: Thu, 21 Sep 2006 17:25:32 GMT
Accept-Ranges: bytes
Etag: "0ebdf0a2ddc61:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Fri, 19 May 2017 23:12:16 GMT
Content-Length: 19550
Age: 25
Connection: keep-alive

GET /blank.html?s=104842&f=1 HTTP/1.1

Host: as.casalemedia.com

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.pcfreesoft.com/ZWpQZ/download/NvidiaPVD.exe
 195.159.219.8
HTTP/1.1 200 OK
Content-Type: text/html
Server: Apache
Last-Modified: Wed, 24 Feb 2016 23:22:31 GMT
Etag: "0"
Accept-Ranges: bytes
Content-Length: 0
Expires: Fri, 19 May 2017 23:12:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 19 May 2017 23:12:42 GMT
Connection: keep-alive

GET /domainads/tracking/caf.gif?ts=1495235562003&rid=5823322 HTTP/1.1

Host: www.gstatic.com

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.pcfreesoft.com/ZWpQZ/download/NvidiaPVD.exe
 172.217.22.163
HTTP/1.1 200 OK
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 43
Date: Fri, 19 May 2017 23:12:42 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Last-Modified: Thu, 21 Apr 2016 03:17:22 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

GET /images/ThemeSearch4.gif HTTP/1.1

Host: ak2.imgaft.com

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.pcfreesoft.com/ZWpQZ/download/NvidiaPVD.exe
 195.159.219.17
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Thu, 26 Sep 2013 18:54:18 GMT
Accept-Ranges: bytes
Etag: "6fcab7cde9bace1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 2124
Cache-Control: max-age=3888000
Date: Fri, 19 May 2017 23:12:42 GMT
Connection: keep-alive

GET /images/ThemeSearch3a.gif HTTP/1.1

Host: ak2.imgaft.com

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.pcfreesoft.com/ZWpQZ/download/NvidiaPVD.exe
 195.159.219.17
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 27 Sep 2013 21:39:23 GMT
Accept-Ranges: bytes
Etag: "5ba8e77cabbce1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 2275
Cache-Control: max-age=3888000
Date: Fri, 19 May 2017 23:12:42 GMT
Connection: keep-alive

GET /static/caf/slave.html HTTP/1.1

Host: dp.g.doubleclick.net

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.pcfreesoft.com/ZWpQZ/download/NvidiaPVD.exe
 216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 712
Date: Fri, 19 May 2017 22:29:41 GMT
Expires: Fri, 19 May 2017 23:29:41 GMT
Last-Modified: Thu, 21 Apr 2016 03:17:22 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Age: 2581
Cache-Control: public, max-age=3600

GET /img.aspx?q=L3MkWGAkYGHjZGVjBQR2ZwR3ZQR4ZGR4ZQVyZwMaWGAkZGNjAFHlAzHyZ3RyZwMhWGAkZPHlAzZyZ3RjWGV2MJLyZ3RjWGV2MvHmpFHlAzIaWGAkZwNkAmN1ZGxkAwRlAQNyZwMwrFHmpGRyZwM0MlHmpGZ1KmAwqFHlAatyZ3RyZwMzM3NyZ3RjWGV2pUHyZ3RkBQV4ZGpyZwMaqFHmpGZlWGV2oabyZ3RjWGV2MaNyZ3R0AmxyZwMbozpyZ3RkWGV2qTLyZ3R2WGV2pUNyZ3SODvHlAzAbWGAkZGDyZwMkMFHmpJ5zYKSyqaRgZwZmZQL4ZwH0ZwtlBGD5AN==-1 HTTP/1.1

Host: www.pcfreesoft.com

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.pcfreesoft.com/ZWpQZ/download/NvidiaPVD.exe
 184.168.221.96
HTTP/1.1 200 OK
Content-Type: image/gif
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 19 May 2017 23:12:41 GMT
Age: 1
Transfer-Encoding: chunked
Connection: keep-alive

GET /favicon.ico HTTP/1.1

Host: www.pcfreesoft.com

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 184.168.221.96
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 19 May 2017 23:12:41 GMT
Content-Length: 136
Age: 1
Connection: keep-alive

GET /favicon.ico HTTP/1.1

Host: www.pcfreesoft.com

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 184.168.221.96
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 19 May 2017 23:12:44 GMT
Content-Length: 136
Age: 1
Connection: keep-alive

GET /ZbdRZ/ZWpQZ/download/NvidiaPVD.exe HTTP/1.1

Host: www.pcfreesoft.com

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 184.168.221.96
HTTP/1.1 302 Found
Connection: close
Pragma: no-cache
Cache-Control: no-cache
Location: /ZWpQZ/download/NvidiaPVD.exe