Overview

URLhttp://www.tuff-music.com/rg-rlog.php
IP141.8.226.2
ASNAS40034 Confluence Networks Inc
Location Switzerland
Report completed2012-10-26 12:18:07 CET
StatusLoading report..
urlQuery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Adobe Reader8.0
Java1.6.0_26


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Source IP Destination IP Severity Alert
2012-10-26 12:17:35 urlQuery Client 141.8.226.21ET CNC Zeus/Spyeye/Palevo Tracker Reported CnC Server (group 3)
Snort /w Sourcefire VRT No alerts detected


Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 141.8.226.2

Date Alerts / IDS URL IP
2013-01-29 15:04:400 / 2http://ww35.rzncgorop-yvpx.com/pav4jg6d7q6yrcu7y2xrptmunyziawq9mzy4odu2zjbkmzllztk5ot (...)141.8.226.2
2013-01-24 16:36:420 / 3http://ww35.1mediadownload.com/aff/filehunter/1692?q=Microsoft.Dynamics.141.8.226.2
2013-01-24 14:25:590 / 2http://ww35.genesiskdmparts.com/.sys/?getexe=pp.12.exe141.8.226.2
2013-01-24 14:25:590 / 2http://ww35.genesiskdmparts.com/.sys/?getexe=v2prx.exe141.8.226.2
2013-01-23 17:46:100 / 0http://ww35.antispywareblock.net141.8.226.2
2013-01-09 14:37:560 / 0http://141.8.226.2141.8.226.2

Last 6 reports on ASN: AS40034 Confluence Networks Inc

Date Alerts / IDS URL IP
2013-02-14 22:06:370 / 1http://whatwillber.com208.91.197.193
2013-02-14 22:00:070 / 1http://q32422.bins.lop.com/bins/int/9kgen_up.int208.91.197.160
2013-02-14 21:55:120 / 0http://mssa.com/tw208.91.197.27
2013-02-14 21:54:210 / 1http://l5173.bins.lop.com/bins/int/9kgen_up.int208.91.197.160
2013-02-14 21:24:150 / 1http://t18970.bins.lop.com/bins/int/9kgen_up.int208.91.197.160
2013-02-14 18:14:110 / 0http://bubutravel.com/208.91.197.27



JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (3)


Request Response 
GET /rg-rlog.php HTTP/1.1

Host: www.tuff-music.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 
HTTP/1.1 200 OK

Content-Type: text/html; charset=UTF-8

Date: Fri, 26 Oct 2012 10:17:35 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.3.16
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 20
Keep-Alive: timeout=5, max=128
Connection: Keep-Alive
GET /favicon.ico HTTP/1.1

Host: www.tuff-music.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 
HTTP/1.1 404 Not Found

Content-Type: text/html; charset=iso-8859-1

Date: Fri, 26 Oct 2012 10:17:35 GMT
Server: Apache/2.2.3 (Red Hat)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30
Keep-Alive: timeout=5, max=127
Connection: Keep-Alive
GET /favicon.ico HTTP/1.1

Host: www.tuff-music.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 
HTTP/1.1 404 Not Found

Content-Type: text/html; charset=iso-8859-1

Date: Fri, 26 Oct 2012 10:17:38 GMT
Server: Apache/2.2.3 (Red Hat)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30
Keep-Alive: timeout=5, max=126
Connection: Keep-Alive