Overview

URL: http://www.dsdnf.tk/lotokhd/dufuwuqipeizhi1.asp?yanzhengyyh=llll494739079638bc24a62874a916f5af57
IP: 111.68.9.155
ASN: AS45753 NETWORK AND SECURITY SOLUTIONS LIMITED
Location: Hong Kong
Report completed: 2012-11-06 02:53:47 CET
urlQuery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Adobe Reader: 8.0
Java: 1.6.0_26


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp            Source IP        Destination IP  Severity  Alert
2012-11-06 02:53:13  urlQuery Client  Internal IP     2         ET CURRENT_EVENTS DNS Query to a .tk domain - Likely Hostile
2012-11-06 02:53:14  urlQuery Client  111.68.9.155    2         ET CURRENT_EVENTS HTTP Request to a *.tk domain
2012-11-06 02:53:14  urlQuery Client  111.68.9.155    2         ET CURRENT_EVENTS HTTP Request to a *.tk domain
2012-11-06 02:53:17  urlQuery Client  111.68.9.155    2         ET CURRENT_EVENTS HTTP Request to a *.tk domain

Snort /w Sourcefire VRT: No alerts detected


Recent reports on same IP/ASN/Domain

Last 6 reports on ASN: AS45753 NETWORK AND SECURITY SOLUTIONS LIMITED

Date                 Alerts / IDS  URL                                               IP
2013-03-20 18:28:00  0 / 0         http://175.41.29.181                              175.41.29.181
2013-03-20 09:00:12  0 / 10        http://www.ok179.cn/Html/2/Play_891.html          216.83.41.212
2013-03-20 07:23:33  0 / 11        http://www.ok179.cn/Html/2/Play_895.html          216.83.41.212
2013-03-20 04:16:51  0 / 1         http://www.zjwzjgj.com/news/newsshow.asp?id=1128  112.121.177.42
2013-03-20 01:39:55  0 / 1         http://www.baidudel.com/1mg/am1.rar               180.178.36.220
2013-03-19 17:33:17  0 / 8         http://www.ok179.cn/Html/2/Play_895.html          216.83.41.212

Last 2 reports on domain: www.dsdnf.tk

Date                 Alerts / IDS  URL  IP
2012-11-14 13:38:02  0 / 4         http://www.dsdnf.tk/csnety.asp  111.68.9.158
2012-11-13 20:35:56  0 / 4         http://www.dsdnf.tk/lotokhd/dufuwuqipeizhi1.asp?yanzhengyyh=xxxx77a5a524ce083adacf129bd195d1993 (...)  111.68.9.158



JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (3)


Request:
GET /lotokhd/dufuwuqipeizhi1.asp?yanzhengyyh=llll494739079638bc24a62874a916f5af57 HTTP/1.1
Host: www.dsdnf.tk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response:
HTTP/1.1 200 OK
Content-Type: text/html
Date: Tue, 06 Nov 2012 01:50:29 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 420
Set-Cookie: ASPSESSIONIDCQCARQAC=EIBHIHCAAALIHINHENNPNKAK; path=/
Cache-Control: private

Request:
GET /favicon.ico HTTP/1.1
Host: www.dsdnf.tk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: ASPSESSIONIDCQCARQAC=EIBHIHCAAALIHINHENNPNKAK

Response:
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Tue, 06 Nov 2012 01:50:30 GMT
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET

Request:
GET /favicon.ico HTTP/1.1
Host: www.dsdnf.tk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: ASPSESSIONIDCQCARQAC=EIBHIHCAAALIHINHENNPNKAK

Response:
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Tue, 06 Nov 2012 01:50:33 GMT
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET