Overview

URL hunza.pl/english/en/new/Content/espnh/Anexo-Documento_Planilha-DOC.scr
IP 86.111.242.129
ASN AS47544 IQ PL Sp. z o.o.
Location Poland
Report completed 2018-12-07 11:50:04 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp | Severity | Source IP | Destination IP | Alert
2018-12-07 11:49:30 CET | 1 | Client IP | 86.111.242.129 | ET INFO SUSPICIOUS .scr file download


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 86.111.242.129

Date | UQ / IDS / BL | URL | IP
2019-05-24 21:43:49 +0200 | 0 - 2 - 0 | hunza.pl/english/en/new/sys/r/arq2.exe | 86.111.242.129
2019-04-26 04:42:59 +0200 | 0 - 2 - 0 | hunza.pl/english/en/new/sys/r/arq2.exe | 86.111.242.129
2019-02-23 07:14:10 +0100 | 0 - 1 - 0 | hunza.pl/english/en/new/sys/r/arq3.exe | 86.111.242.129
2019-01-18 15:17:02 +0100 | 0 - 2 - 0 | hunza.pl/english/en/new/Content/RO/03.exe | 86.111.242.129
2019-01-18 15:17:00 +0100 | 0 - 1 - 0 | hunza.pl/english/en/new/Content/espnh/Anexo-D (...) | 86.111.242.129
2018-12-30 16:14:47 +0100 | 0 - 2 - 0 | hunza.pl/_vt/003/alcrest/document_40329_relat (...) | 86.111.242.129
2018-12-30 16:14:39 +0100 | 0 - 1 - 0 | hunza.pl/_vt/003/R/a1.exe | 86.111.242.129
2018-12-07 11:50:09 +0100 | 0 - 1 - 0 | hunza.pl/english/en/new/Content/RO/02.exe | 86.111.242.129
2018-12-07 11:50:03 +0100 | 0 - 1 - 0 | hunza.pl/english/en/new/Content/RO/03.exe | 86.111.242.129
2018-08-07 10:44:16 +0200 | 0 - 1 - 0 | tibiahost.za.pl/quest.scr | 86.111.242.129

Last 10 reports on ASN: AS47544 IQ PL Sp. z o.o.

Date | UQ / IDS / BL | URL | IP
2019-06-10 10:16:17 +0200 | 0 - 0 - 2 | cybergarden.zsti.net/_bindata | 86.111.241.165
2019-06-09 06:26:52 +0200 | 0 - 0 - 18 | blog.melifluo.pl/2015/12/08/vintage-fashion-3 (...) | 86.111.240.137
2019-06-09 06:26:49 +0200 | 0 - 0 - 18 | blog.melifluo.pl/2015/12/08/the-perfect-shoes (...) | 86.111.240.137
2019-06-09 06:26:48 +0200 | 0 - 0 - 18 | blog.melifluo.pl/2015/12/08/cheryl-steals-kat (...) | 86.111.240.137
2019-06-09 06:26:45 +0200 | 0 - 0 - 18 | blog.melifluo.pl/2015/12/08/golden-globes-fas (...) | 86.111.240.137
2019-06-09 06:26:45 +0200 | 0 - 0 - 18 | blog.melifluo.pl/2015/12/08/what-nude-underwe (...) | 86.111.240.137
2019-06-09 06:26:46 +0200 | 0 - 0 - 18 | blog.melifluo.pl/2015/12/08/the-5-new-watch-t (...) | 86.111.240.137
2019-06-09 04:58:04 +0200 | 0 - 0 - 1 | armn.pl/ | 46.248.183.10
2019-06-07 19:35:18 +0200 | 0 - 0 - 12 | zdobienieodziezy.pl/booking-hotel/.17 | 86.111.241.85
2019-06-07 09:03:36 +0200 | 0 - 0 - 2 | cybergarden.zsti.net/ | 86.111.241.165

Last 10 reports on domain: hunza.pl

Date | UQ / IDS / BL | URL | IP
2019-05-24 21:43:49 +0200 | 0 - 2 - 0 | hunza.pl/english/en/new/sys/r/arq2.exe | 86.111.242.129
2019-04-26 04:42:59 +0200 | 0 - 2 - 0 | hunza.pl/english/en/new/sys/r/arq2.exe | 86.111.242.129
2019-02-23 07:14:10 +0100 | 0 - 1 - 0 | hunza.pl/english/en/new/sys/r/arq3.exe | 86.111.242.129
2019-01-18 15:17:02 +0100 | 0 - 2 - 0 | hunza.pl/english/en/new/Content/RO/03.exe | 86.111.242.129
2019-01-18 15:17:00 +0100 | 0 - 1 - 0 | hunza.pl/english/en/new/Content/espnh/Anexo-D (...) | 86.111.242.129
2018-12-30 16:14:47 +0100 | 0 - 2 - 0 | hunza.pl/_vt/003/alcrest/document_40329_relat (...) | 86.111.242.129
2018-12-30 16:14:39 +0100 | 0 - 1 - 0 | hunza.pl/_vt/003/R/a1.exe | 86.111.242.129
2018-12-07 11:50:09 +0100 | 0 - 1 - 0 | hunza.pl/english/en/new/Content/RO/02.exe | 86.111.242.129
2018-12-07 11:50:03 +0100 | 0 - 1 - 0 | hunza.pl/english/en/new/Content/RO/03.exe | 86.111.242.129
2018-02-09 22:06:49 +0100 | 0 - 0 - 1 | www.hunza.pl/ | 86.111.242.129


JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (5)


Request Response
                                        
GET /english/en/new/Content/espnh/Anexo-Documento_Planilha-DOC.scr HTTP/1.1
Host: hunza.pl
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
86.111.242.129
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 07 Dec 2018 10:49:30 GMT
Server: Apache
Location: http://www.hunza.pl/english/en/new/Content/espnh/Anexo-Documento_Planilha-DOC.scr
Content-Length: 289
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   289
Md5:    60d5f39fa4759ee39707ae4448bbe5a9
Sha1:   9fbd7303f84c1604976de57f10db04aacdbc99f8
Sha256: 35d82ac59df6c7ae3c80e99a3aeab2b56cc9ce538d72dad73e325cf58bc38183

Alerts:
  IDS:
    - ET INFO SUSPICIOUS .scr file download
                                        
GET /english/en/new/Content/espnh/Anexo-Documento_Planilha-DOC.scr HTTP/1.1
Host: www.hunza.pl
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
86.111.242.129
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Fri, 07 Dec 2018 10:49:30 GMT
Server: Apache
Last-Modified: Tue, 26 Jun 2012 12:53:07 GMT
Etag: "583-4c35f947752c0"
Accept-Ranges: bytes
Content-Length: 1411
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1411
Md5:    6e91da672ad3a7b304a6c2bbf4701050
Sha1:   d817053e272765acc4b9da5e2e47545304133c0b
Sha256: d171af63e38c7a679c65e6e985f3c5cf16a68ec8206cafb4e7030fdb5a2494b8
                                        
GET /komunikaty_bledow/logo_iq.gif HTTP/1.1
Host: www.iq.pl
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hunza.pl/english/en/new/Content/espnh/Anexo-Documento_Planilha-DOC.scr

                                         
86.111.240.215
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Location: https://www.iq.pl/komunikaty_bledow/logo_iq.gif


--- Additional Info ---
                                        
GET /favicon.ico HTTP/1.1
Host: www.hunza.pl
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
86.111.242.129
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Fri, 07 Dec 2018 10:49:31 GMT
Server: Apache
Last-Modified: Tue, 26 Jun 2012 12:53:07 GMT
Etag: "583-4c35f947752c0"
Accept-Ranges: bytes
Content-Length: 1411
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1411
Md5:    6e91da672ad3a7b304a6c2bbf4701050
Sha1:   d817053e272765acc4b9da5e2e47545304133c0b
Sha256: d171af63e38c7a679c65e6e985f3c5cf16a68ec8206cafb4e7030fdb5a2494b8
                                        
GET /favicon.ico HTTP/1.1
Host: www.hunza.pl
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Range: bytes=0-
If-Range: "583-4c35f947752c0"

                                         
86.111.242.129
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Fri, 07 Dec 2018 10:49:34 GMT
Server: Apache
Last-Modified: Tue, 26 Jun 2012 12:53:07 GMT
Etag: "583-4c35f947752c0"
Accept-Ranges: bytes
Content-Length: 1411
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1411
Md5:    6e91da672ad3a7b304a6c2bbf4701050
Sha1:   d817053e272765acc4b9da5e2e47545304133c0b
Sha256: d171af63e38c7a679c65e6e985f3c5cf16a68ec8206cafb4e7030fdb5a2494b8