Overview

URL: http://eroglu-it.de/javascript/main.js
IP: 62.116.164.44
ASN: AS15456 InterNetX GmbH
Location: Germany
Report completed: 2012-11-20 15:53:12 CET
urlQuery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Adobe Reader: 8.0
Java: 1.6.0_26


Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp | Source IP | Destination IP | Severity | Alert
2012-11-20 15:52:33 | 62.116.164.44 | urlQuery Client | 1 | ET CURRENT_EVENTS Hacked Website Response Jun 25 2012
2012-11-20 15:52:33 | 62.116.164.44 | urlQuery Client | 1 | ET CURRENT_EVENTS Blackhole Landing Try Prototype Catch Jun 18 2012
2012-11-20 15:52:34 | 62.116.164.44 | urlQuery Client | 1 | ET CURRENT_EVENTS Blackhole Landing Page Eval Variable Obfuscation 3
2012-11-20 15:52:34 | 62.116.164.44 | urlQuery Client | 1 | ET CURRENT_EVENTS Hacked Website Response Jun 25 2012

Snort /w Sourcefire VRT

Timestamp | Source IP | Destination IP | Severity | Alert
2012-11-20 15:52:33 | 62.116.164.44 | urlQuery Client | 1 | EXPLOIT-KIT Blackhole landing page with specific structure - prototype catch
2012-11-20 15:52:33 | 62.116.164.44 | urlQuery Client | 1 | EXPLOIT-KIT Blackhole landing page with specific structure - prototype catch


Recent reports on same IP/ASN/Domain

Last 4 reports on IP: 62.116.164.44

Date | Alerts / IDS | URL | IP
2012-11-21 02:01:00 | 0 / 6 | http://eroglu-it.de/javascript/main.js | 62.116.164.44
2012-11-21 00:37:19 | 3 / 13 | http://eroglu-it.de/ | 62.116.164.44
2012-11-20 07:31:57 | 0 / 2 | http://www.eroglu-it.de/javascript/main.js | 62.116.164.44
2012-11-19 18:00:27 | 0 / 6 | http://www.eroglu-it.de/javascript/main.js | 62.116.164.44

Last 6 reports on ASN: AS15456 InterNetX GmbH

Date | Alerts / IDS | URL | IP
2013-02-18 16:55:44 | 0 / 0 | http://montanestimersir.info | 62.116.143.11
2013-02-18 16:23:00 | 0 / 1 | http://hayatspa.com/images/logos.gif?221c8=279440 | 62.116.143.11
2013-02-18 16:22:58 | 0 / 2 | http://hayatspa.com/images/logos.gif?20024=131108 | 62.116.143.11
2013-02-18 16:22:52 | 0 / 1 | http://hayatspa.com/images/logos.gif?25f33=466329 | 62.116.143.11
2013-02-18 16:22:50 | 0 / 1 | http://hayatspa.com/images/logos.gif?1eeee=760212 | 62.116.143.11
2013-02-18 16:22:37 | 0 / 2 | http://hayatspa.com/images/logos.gif?1dd3f=488700 | 62.116.143.11

Last 2 reports on domain: eroglu-it.de

Date | Alerts / IDS | URL | IP
2012-11-21 02:01:00 | 0 / 6 | http://eroglu-it.de/javascript/main.js | 62.116.164.44
2012-11-21 00:37:19 | 3 / 13 | http://eroglu-it.de/ | 62.116.164.44



JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (3)


Transaction 1

Request:
GET /javascript/main.js HTTP/1.1
Host: eroglu-it.de
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response:
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Tue, 20 Nov 2012 14:52:33 GMT
Server: Apache/2.0.54 (Debian GNU/Linux) FrontPage/5.0.2.2635 mod_python/3.1.3 Python/2.3.5 PHP/4.3.10-18 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4
Last-Modified: Wed, 11 Jul 2012 22:42:36 GMT
Etag: "141c8553-1fa6-903e0f00"
Accept-Ranges: bytes
Content-Length: 8102
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive

Transaction 2

Request:
GET /favicon.ico HTTP/1.1
Host: eroglu-it.de
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response:
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 20 Nov 2012 14:52:34 GMT
Server: Apache/2.0.54 (Debian GNU/Linux) FrontPage/5.0.2.2635 mod_python/3.1.3 Python/2.3.5 PHP/4.3.10-18 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Language: en

Transaction 3

Request:
GET /favicon.ico HTTP/1.1
Host: eroglu-it.de
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response:
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 20 Nov 2012 14:52:37 GMT
Server: Apache/2.0.54 (Debian GNU/Linux) FrontPage/5.0.2.2635 mod_python/3.1.3 Python/2.3.5 PHP/4.3.10-18 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Language: en