Overview

URL bfswqrt.ga/iedge/security.php
IP 50.62.22.142
ASN AS26496 GoDaddy.com, LLC
Location United States
Report completed 2018-07-20 18:13:10 CEST
urlquery Alerts Scam / Cryptowall detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-07-20 2 bfswqrt.ga/iedge/security.php Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 50.62.22.142

Date UQ / IDS / BL URL IP
2018-07-20 18:01:43 +0200 3 - 0 - 0 bfswqrt.gq 50.62.22.142
2018-07-20 17:43:41 +0200 1 - 1 - 0 bfswqrt.ga/fir/security.php 50.62.22.142
2018-07-20 17:35:09 +0200 3 - 1 - 0 bfswqrt.ga 50.62.22.142
2018-07-20 17:31:56 +0200 3 - 0 - 0 bfswqrt.gq 50.62.22.142
2018-07-18 19:12:40 +0200 3 - 1 - 7 upsrtce.gq 50.62.22.142
2018-07-17 01:48:50 +0200 3 - 3 - 0 lksdert.ga/wm 50.62.22.142
2018-07-17 01:46:18 +0200 0 - 0 - 0 lksdert.ga 50.62.22.142
2018-07-17 01:36:55 +0200 0 - 0 - 0 50.62.22.142 50.62.22.142
2018-07-03 00:44:27 +0200 0 - 0 - 0 50.62.22.142 50.62.22.142
2018-06-29 20:54:27 +0200 3 - 3 - 7 cbqaktsh.gq/ 50.62.22.142

Last 10 reports on ASN: AS26496 GoDaddy.com, LLC

Date UQ / IDS / BL URL IP
2019-07-01 10:05:45 +0200 0 - 0 - 0 x.co/irbounce 45.40.140.1
2019-07-01 09:32:09 +0200 0 - 0 - 0 motoszinhasomares.com 107.180.41.254
2019-07-01 09:21:09 +0200 0 - 0 - 0 n3plcpnl0061.prod.ams3.secureserver.net 160.153.153.20
2019-07-01 08:33:23 +0200 0 - 0 - 0 https://letsfireurbossnow.com/hgh-x2-review/ 160.153.133.215
2019-07-01 07:25:19 +0200 0 - 0 - 0 globeofblogs.com/buttons/globe_blogs.gif 107.180.51.243
2019-07-01 05:43:50 +0200 0 - 3 - 1 www.solimpeks.in/exclusivityo.html 50.63.40.1
2019-07-01 04:10:30 +0200 0 - 0 - 0 madnessmedia.net 166.62.110.232
2019-07-01 01:43:02 +0200 0 - 0 - 0 boxpdfdocument.com 107.180.25.212
2019-07-01 00:58:53 +0200 0 - 0 - 0 bestficoservice.com 50.63.202.47
2019-06-30 21:03:36 +0200 0 - 0 - 0 https://pasteshr.com/arGwIsb6JP 160.153.128.0

Last 2 reports on domain: bfswqrt.ga

Date UQ / IDS / BL URL IP
2018-07-20 17:43:41 +0200 1 - 1 - 0 bfswqrt.ga/fir/security.php 50.62.22.142
2018-07-20 17:35:09 +0200 3 - 1 - 0 bfswqrt.ga 50.62.22.142


JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (1)


Request

GET /iedge/security.php HTTP/1.1
Host: bfswqrt.ga
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (50.62.22.142)

HTTP/1.1 401 Unauthorized
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 Jul 2018 16:12:39 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
WWW-Authenticate: Basic realm="Suspicious activity detected on your IP address due to harmful virus installed in your computer. Call Toll Free now @ +1-888-348-1617 for any assistance. Your data is at a serious risk.There is a system file missing due to some harmfull virus Debug malware error, system failure. Please contact technicians to rectify the issue.Please do not open internet browser for your security issue to avoid data corruption on your operating system. Please contact technicians at Tollfree Helpline at @ +1-888-348-1617(Toll free) PLEASE DO NOT SHUT DOWN OR RESTART YOUR COMPUTER, DOING THAT MAY LEAD TO DATA LOSS AND FAILURE OF OPERATING SYSTEM , HENCE NON BOOTABLE SITUATION RESULTING COMPLETE DATA LOSS . CONTACT ADMINISTRATOR DEPARTMENT TO RESOLVE THE ISSUE ON TOLL FREE @ +1-888-348-1617"
Refresh: 0; url=/iedge/security.php
Set-Cookie: PHPSESSID=kvuoh6igv69ok64fpg6ck24677; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text
Size:   40
Md5:    54a162d53b04d31ce268a35baf244caf
Sha1:   42c48439d4f282db5d8e5e19bf0f41a03fa3f94b
Sha256: 9aeea010b6b29e828ce60611b487c718abf716fa08d2d9eb13ed3a5b0a2f51a6

Alerts:
  urlquery:
    - Scam / Cryptowall detected
  Blacklists:
    - fortinet: Malware