Overview

URL: sh-gfs.cn/upload/picfiles/2014.4.28_11.0.17_4742021.rar
IP: 61.154.116.207
ASN: AS4134 Chinanet
Location: China
Report completed: 2018-05-16 00:49:15 CEST
urlquery Alerts: No alerts detected


Settings

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Pool:
Access Level:


Intrusion Detection Systems

Suricata w/ Emerging Threats Pro: No alerts detected


Blacklists

MDL: No alerts detected
OpenPhish: No alerts detected
PhishTank: No alerts detected
Fortinet's Web Filter:
  Added / Verified  Severity  Host                                                     Comment
  2018-05-16        2         sh-gfs.cn/upload/picfiles/2014.4.28_11.0.17_4742021.rar  Malware
DNS-BH: No alerts detected
mnemonic secure dns: No alerts detected


Recent reports on same IP/ASN/Domain

Last 9 reports on IP: 61.154.116.207

Date                       UQ / IDS / BL  URL                                                  IP
2019-05-10 18:37:30 +0200  0 - 0 - 1      sh-gfs.cn/upload/picfiles/2014.4.28_11.0.17_4 (...)  61.154.116.207
2019-03-25 09:37:24 +0100  0 - 0 - 0      www.163086.cn/GoUrl.asp?url=%68%74%74%70%73%3 (...)  61.154.116.207
2019-03-06 13:16:14 +0100  0 - 0 - 1      sh-gfs.cn/Upload/PicFiles/2014.4.28_11.0.17_4 (...)  61.154.116.207
2019-01-22 07:27:04 +0100  0 - 0 - 1      sh-gfs.cn/upload/picfiles/2014.4.28_11.0.17_4 (...)  61.154.116.207
2019-01-21 19:04:47 +0100  0 - 0 - 1      sh-gfs.cn/Upload/PicFiles/2014.4.28_11.0.17_4 (...)  61.154.116.207
2018-12-11 16:37:17 +0100  0 - 0 - 1      sh-gfs.cn/upload/picfiles/2014.4.28_11.0.17_4 (...)  61.154.116.207
2018-12-10 17:41:36 +0100  0 - 0 - 1      sh-gfs.cn/Upload/PicFiles/2014.4.28_11.0.17_4 (...)  61.154.116.207
2018-04-29 20:40:13 +0200  0 - 0 - 1      www.dali-pack.com/                                   61.154.116.207
2017-08-28 10:27:36 +0200  0 - 0 - 13     fctthotel.com/images/ProImg/show1/35222/S-max.htm    61.154.116.207

Last 10 reports on ASN: AS4134 Chinanet

Date                       UQ / IDS / BL  URL                                                  IP
2019-05-23 15:59:00 +0200  0 - 0 - 1      patch3.51mag.com/2012/darksid2.lng_v1.5.rar          61.153.183.106
2019-05-23 15:58:41 +0200  0 - 0 - 1      patch2.99ddd.com/2013/ALI213-TCGhostRfs.18Tr- (...)  61.153.183.102
2019-05-23 15:58:36 +0200  0 - 0 - 1      patch3.51mag.com/2012/BordL2.28Tr-LNG_v1.1.2.rar     61.153.183.106
2019-05-23 15:58:33 +0200  0 - 0 - 1      patch2.99ddd.com/2012/CODBO2.12Tr-LNG.rar            61.153.183.102
2019-05-23 15:58:28 +0200  0 - 0 - 1      patch1.51mag.com/2013/AL2I13-TWDSI.v1.0.t10.l (...)  61.153.183.103
2019-05-23 15:54:06 +0200  0 - 2 - 0      cd002.www.duba.net/duba/install/2011/ever/kin (...)  116.207.145.12
2019-05-23 15:52:29 +0200  0 - 0 - 1      patch2.51mag.com/2010/shenjie2d15trainer.rar         61.153.183.102
2019-05-23 15:52:14 +0200  0 - 1 - 1      u1.innerpeer.com/ie6rmove.exe                        122.226.188.14
2019-05-23 15:51:31 +0200  0 - 0 - 1      xiazai9.sh5y.com/setup_331.exe                       122.228.207.246
2019-05-23 15:51:05 +0200  0 - 0 - 1      u2.innerpeer.com/xlbjhy.zip                          58.223.172.35

Last 6 reports on domain: sh-gfs.cn

Date                       UQ / IDS / BL  URL                                                  IP
2019-05-10 18:37:30 +0200  0 - 0 - 1      sh-gfs.cn/upload/picfiles/2014.4.28_11.0.17_4 (...)  61.154.116.207
2019-03-06 13:16:14 +0100  0 - 0 - 1      sh-gfs.cn/Upload/PicFiles/2014.4.28_11.0.17_4 (...)  61.154.116.207
2019-01-22 07:27:04 +0100  0 - 0 - 1      sh-gfs.cn/upload/picfiles/2014.4.28_11.0.17_4 (...)  61.154.116.207
2019-01-21 19:04:47 +0100  0 - 0 - 1      sh-gfs.cn/Upload/PicFiles/2014.4.28_11.0.17_4 (...)  61.154.116.207
2018-12-11 16:37:17 +0100  0 - 0 - 1      sh-gfs.cn/upload/picfiles/2014.4.28_11.0.17_4 (...)  61.154.116.207
2018-12-10 17:41:36 +0100  0 - 0 - 1      sh-gfs.cn/Upload/PicFiles/2014.4.28_11.0.17_4 (...)  61.154.116.207


JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (1)


Request

GET /upload/picfiles/2014.4.28_11.0.17_4742021.rar HTTP/1.1
Host: sh-gfs.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (from 61.154.116.207)

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 1083368
Content-Location: http://sh-gfs.cn/upload/picfiles/2014.4.28_11.0.17_4742021.rar
Last-Modified: Mon, 28 Apr 2014 03:00:17 GMT
Accept-Ranges: bytes
Etag: "59b6c9fb8d62cf1:a79b8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 15 May 2018 22:27:40 GMT


--- Additional Info ---
Magic:  RAR archive data, v1d, os: Win32
Size:   1083368
Md5:    120ec403323e375d9aaafbc6c82842da
Sha1:   8e9e056e9ce984646b273317c29f62a49b975c15
Sha256: 12ac4a448387526d4bca47c1ef526d0cd90d44f65eb57aff713fa00f6cae6a24

Alerts:
  Blacklists:
    - fortinet: Malware