Overview

URL: http://www.atmokna.ru/jquery.js
IP: 77.234.201.89
ASN: AS42289 Saint-Petersburg State University of Information Technologies, Mechanics and Optics
Location: Russian Federation
Report completed: 2012-10-31 11:47:43 CET
urlQuery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Adobe Reader: 8.0
Java: 1.6.0_26


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp | Source IP | Destination IP | Severity | Alert
2012-10-31 11:47:13 | 77.234.201.89 | urlQuery Client | 1 | ET CURRENT_EVENTS Blackhole Landing Try Prototype Catch Jun 18 2012
2012-10-31 11:47:13 | 77.234.201.89 | urlQuery Client | 1 | ET CURRENT_EVENTS Blackhole Landing for prototype catch substr
2012-10-31 11:47:34 | 77.234.201.89 | urlQuery Client | 2 | ET CURRENT_EVENTS Blackhole Try Prototype Catch June 11 2012
Snort /w Sourcefire VRT
Timestamp | Source IP | Destination IP | Severity | Alert
2012-10-31 11:47:13 | 77.234.201.89 | urlQuery Client | 1 | EXPLOIT-KIT Blackhole landing page with specific structure - prototype catch
2012-10-31 11:47:13 | 77.234.201.89 | urlQuery Client | 1 | EXPLOIT-KIT Blackhole landing page with specific structure - prototype catch
2012-10-31 11:47:13 | 77.234.201.89 | urlQuery Client | 1 | EXPLOIT-KIT Blackhole landing page with specific structure - prototype catch
2012-10-31 11:47:13 | 77.234.201.89 | urlQuery Client | 1 | EXPLOIT-KIT Blackhole landing page with specific structure - prototype catch


Recent reports on same IP/ASN/Domain

Last 4 reports on IP: 77.234.201.89

Date | Alerts / IDS | URL | IP
2012-12-01 02:47:54 | 0 / 5 | http://medsro.ru/w3.js | 77.234.201.89
2012-11-26 03:19:20 | 1 / 1 | http://www.ledarena.ru/rasp.php | 77.234.201.89
2012-11-17 07:34:51 | 1 / 1 | http://www.ledarena.ru/ | 77.234.201.89
2012-10-25 18:06:56 | 0 / 3 | http://www.atmokna.ru/jquery.js | 77.234.201.89

Last 6 reports on ASN: AS42289 Saint-Petersburg State University of Information Technologies, Mechanics and Optics

Date | Alerts / IDS | URL | IP
2013-03-20 07:12:33 | 1 / 3 | http://kchr-eco.ru/нов&At (...) | 77.234.201.104
2013-03-19 17:33:10 | 1 / 3 | http://kchr-eco.ru/нов&At (...) | 77.234.201.104
2013-03-19 14:42:21 | 1 / 15 | http://besedatime.com/popesued.html | 77.234.200.220
2013-03-19 08:05:00 | 1 / 3 | http://kchr-eco.ru/нов&At (...) | 77.234.201.104
2013-03-19 07:05:56 | 1 / 3 | http://kchr-eco.ru/varene-iz-kizila.html | 77.234.201.104
2013-03-19 05:18:44 | 1 / 3 | http://kchr-eco.ru/itemlist/tag/опÐ&Ac (...) | 77.234.201.104

Last 1 reports on domain: www.atmokna.ru

Date | Alerts / IDS | URL | IP
2012-10-25 18:06:56 | 0 / 3 | http://www.atmokna.ru/jquery.js | 77.234.201.89



JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (3)


Request:
GET /jquery.js HTTP/1.1
Host: www.atmokna.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response:
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Wed, 31 Oct 2012 10:47:10 GMT
Server: Apache/1.3.34 (Unix) mod_deflate/1.0.21 PHP/5.2.17
Last-Modified: Wed, 16 May 2012 13:45:18 GMT
Etag: "8808-11d6e-4fb3af6e"
Accept-Ranges: bytes
Content-Length: 73070
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive


Request:
GET /favicon.ico HTTP/1.1
Host: www.atmokna.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response:
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 31 Oct 2012 10:47:13 GMT
Server: Apache/1.3.34 (Unix) mod_deflate/1.0.21 PHP/5.2.17
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked


Request:
GET /favicon.ico HTTP/1.1
Host: www.atmokna.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response:
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 31 Oct 2012 10:47:16 GMT
Server: Apache/1.3.34 (Unix) mod_deflate/1.0.21 PHP/5.2.17
Keep-Alive: timeout=15, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked