Overview

URL: heatingkentucky.com/wp-content/themes/Avada/cms.exe
IP: 45.55.59.250
ASN: AS393406 Digital Ocean, Inc.
Location: United States
Report completed: 2019-01-19 18:53:33 CET
urlquery Alerts: No alerts detected


Settings

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Pool:
Access Level:


Intrusion Detection Systems

Suricata w/ Emerging Threats Pro: No alerts detected


Blacklists

MDL: No alerts detected
OpenPhish: No alerts detected
PhishTank: No alerts detected
Fortinet's Web Filter:
  Added / Verified   Severity   Host                                                   Comment
  2019-01-19         2          heatingkentucky.com/wp-content/themes/Avada/cms.exe    Malware
DNS-BH: No alerts detected
mnemonic secure dns:
  Added / Verified   Severity   Host                   Comment
  2019-01-19         2          heatingkentucky.com    Blacklisted


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 45.55.59.250

Date                       UQ / IDS / BL   URL                                                    IP
2019-01-20 06:44:03 +0100  0 - 0 - 2       heatingkentucky.com/wp-content/themes/Avada/s (...)    45.55.59.250
2019-01-20 06:43:58 +0100  0 - 0 - 2       heatingkentucky.com/wp-content/themes/Avada/m (...)    45.55.59.250
2019-01-19 15:38:24 +0100  0 - 0 - 2       heatingkentucky.com/wp-content/themes/Avada/11.exe     45.55.59.250
2019-01-19 15:12:38 +0100  0 - 0 - 2       heatingkentucky.com/wp-content/themes/Avada/b (...)    45.55.59.250
2019-01-18 17:23:46 +0100  0 - 0 - 2       heatingkentucky.com/wp-content/themes/Avada/m (...)    45.55.59.250
2018-12-08 19:24:01 +0100  0 - 0 - 2       heatingkentucky.com/wp-content/themes/Avada/m (...)    45.55.59.250
2018-12-08 19:22:59 +0100  0 - 0 - 2       heatingkentucky.com/wp-content/themes/Avada/s (...)    45.55.59.250
2018-12-08 11:07:41 +0100  0 - 0 - 2       heatingkentucky.com/wp-content/themes/Avada/c (...)    45.55.59.250
2018-12-08 07:21:06 +0100  0 - 0 - 2       heatingkentucky.com/wp-content/themes/Avada/11.exe     45.55.59.250
2018-12-08 07:07:51 +0100  0 - 0 - 2       heatingkentucky.com/wp-content/themes/Avada/b (...)    45.55.59.250

Last 10 reports on ASN: AS393406 Digital Ocean, Inc.

Date                       UQ / IDS / BL   URL                                                    IP
2019-06-30 01:24:40 +0200  0 - 0 - 0       azuredummies.com                                       104.131.60.174
2019-06-30 01:20:44 +0200  0 - 0 - 0       https://freebiesupply.com/logos/new-york-gian (...)    104.131.48.134
2019-06-30 01:18:42 +0200  0 - 0 - 0       www.goodnightjournal.com/2019/06/28/easy-payp (...)    104.236.98.136
2019-06-26 19:54:30 +0200  0 - 0 - 0       server4.broomkpark.info/?pagex=1&s1=icCmLqS1U (...)    45.55.59.95
2019-06-26 15:24:20 +0200  0 - 0 - 0       us16.tcdn.me/api/test?827486819462                     104.236.55.136
2019-06-25 03:02:13 +0200  0 - 0 - 2       snyderphoto.com/                                       104.131.93.114
2019-06-25 02:49:51 +0200  0 - 0 - 0       texarkanaprosound.com                                  45.55.45.208
2019-06-20 21:06:20 +0200  0 - 0 - 1       catsmeouch.com                                         104.131.111.199
2019-06-19 17:01:08 +0200  0 - 0 - 0       sccodes.org                                            104.236.35.207
2019-06-19 16:23:19 +0200  0 - 0 - 0       agentbot.net                                           104.236.45.177

Last 10 reports on domain: heatingkentucky.com

Date                       UQ / IDS / BL   URL                                                    IP
2019-05-24 17:31:16 +0200  0 - 1 - 4       heatingkentucky.com/wp-content/themes/Avada/s (...)    192.124.249.119
2019-05-24 17:31:12 +0200  0 - 2 - 4       heatingkentucky.com/wp-content/themes/Avada/m (...)    192.124.249.119
2019-05-03 05:47:44 +0200  0 - 2 - 4       heatingkentucky.com/wp-content/themes/Avada/m (...)    192.124.249.119
2019-05-03 02:03:26 +0200  0 - 1 - 4       heatingkentucky.com/wp-content/themes/Avada/s (...)    192.124.249.119
2019-05-03 02:00:27 +0200  0 - 0 - 2       https://heatingkentucky.com/wp-content/themes (...)    192.124.249.119
2019-04-19 10:26:51 +0200  0 - 0 - 4       heatingkentucky.com/wp-content/themes/Avada/s (...)    192.124.249.119
2019-04-17 07:58:51 +0200  0 - 0 - 4       heatingkentucky.com/wp-content/themes/Avada/m (...)    192.124.249.119
2019-01-20 06:44:03 +0100  0 - 0 - 2       heatingkentucky.com/wp-content/themes/Avada/s (...)    45.55.59.250
2019-01-20 06:43:58 +0100  0 - 0 - 2       heatingkentucky.com/wp-content/themes/Avada/m (...)    45.55.59.250
2019-01-19 15:38:24 +0100  0 - 0 - 2       heatingkentucky.com/wp-content/themes/Avada/11.exe     45.55.59.250


JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (1)


Request:

GET /wp-content/themes/Avada/cms.exe HTTP/1.1
Host: heatingkentucky.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (from 45.55.59.250):

HTTP/1.1 200 OK
Content-Type: application/x-msdos-program
Date: Sat, 19 Jan 2019 17:52:53 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Tue, 15 May 2018 05:26:10 GMT
Etag: "38400-56c37d7054080"
Accept-Ranges: bytes
Content-Length: 230400
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Size:   230400
Md5:    ff873a18530cacaf747a160e29d8eab2
Sha1:   727f717b8c876addec380aa3e2a6652859c6ac2c
Sha256: 47e3bc7870fd4b476a48a98ce47f034737d21d70096f86ea3ca04cf42c5a2069

Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted