Overview

URL: h123.tv/k.exe
IP: 42.51.42.170
ASN: AS56005 Henan Telcom Union Technology Co., LTD
Location: China
Report completed: 2018-12-05 15:17:15 CET
urlquery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Pool:
Access Level:


Intrusion Detection Systems

Suricata w/ Emerging Threats Pro: No alerts detected


Blacklists

MDL: No alerts detected
OpenPhish: No alerts detected
PhishTank: No alerts detected
Fortinet's Web Filter:
  Added / Verified   Severity   Host             Comment
  2018-12-05         2          h123.tv/k.exe    Malware
DNS-BH: No alerts detected
mnemonic secure dns: No alerts detected


Recent reports on same IP/ASN/Domain

Last 2 reports on IP: 42.51.42.170

Date                        UQ / IDS / BL   URL                  IP
2018-09-22 00:48:59 +0200   0 - 0 - 1       www.h123.tv/k.exe    42.51.42.170
2018-07-11 16:39:45 +0200   0 - 3 - 1       www.h123.tv/k.exe    42.51.42.170

Last 10 reports on ASN: AS56005 Henan Telcom Union Technology Co., LTD

Date                        UQ / IDS / BL   URL                                                    IP
2018-12-09 00:16:37 +0100   0 - 1 - 1       up.qo12.cn/hbjx.exe                                    42.51.208.64
2018-12-08 11:07:47 +0100   0 - 1 - 1       81in.cn/dxc/123.exe                                    42.51.16.109
2018-12-07 19:10:48 +0100   0 - 0 - 1       ccdn.cn/jzsoft/excel/sgzz/sgzz2/yjg2006071816 (...)    42.51.203.88
2018-12-06 16:35:33 +0100   0 - 0 - 0       42.51.34.60                                            42.51.34.60
2018-12-05 21:02:27 +0100   0 - 0 - 12      www.livemo.cn/archives/tag/geweidong                   42.51.10.164
2018-12-04 10:23:14 +0100   0 - 0 - 0       42.51.196.45                                           42.51.196.45
2018-12-03 03:50:12 +0100   0 - 0 - 2       livemo.cn/archives/1290/feed                           42.51.10.164
2018-11-29 01:01:18 +0100   0 - 0 - 1       up.qo12.cn/hbjx.exe                                    42.51.208.64
2018-11-27 22:57:17 +0100   0 - 0 - 1       4345.cc/wangbao.zip                                    42.51.206.169
2018-11-27 22:27:01 +0100   0 - 0 - 1       4345.cc/wangbao.zip                                    42.51.206.169

Last 2 reports on domain: h123.tv

Date                        UQ / IDS / BL   URL                  IP
2018-09-22 00:48:59 +0200   0 - 0 - 1       www.h123.tv/k.exe    42.51.42.170
2018-07-11 16:39:45 +0200   0 - 3 - 1       www.h123.tv/k.exe    42.51.42.170


JavaScript

Executed Scripts (1)
Executed Evals (0)
Executed Writes (0)


HTTP Transactions (6)


Request:
GET /block/index.htm HTTP/1.1
Host: www.htuidc.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://h123.tv/k.exe

Response (server 42.51.199.6):
HTTP/1.1 200 OK
Content-Type: text/html
Date: Wed, 05 Dec 2018 14:18:27 GMT
Content-Length: 2657
Last-Modified: Mon, 09 Oct 2017 01:42:38 GMT
Etag: "59dad40e-a61"
Accept-Ranges: bytes

--- Additional Info ---
Magic:  ISO-8859 HTML document text, with CRLF line terminators
Size:   2657
Md5:    01c72239919738272d152927ac776358
Sha1:   9b7425a71fde0d8578d4b06ecbacc2cff4807f9f
Sha256: ce7d4b598689a0937badacd4a78d0cc0b045e06aef31954a7428cd82c0185149
                                        
Request:
GET /block/css/1.css HTTP/1.1
Host: www.htuidc.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.htuidc.com/block/index.htm

Response (server 42.51.199.6):
HTTP/1.1 200 OK
Content-Type: text/css
Date: Wed, 05 Dec 2018 14:18:27 GMT
Content-Length: 756
Last-Modified: Wed, 10 Aug 2016 09:43:40 GMT
Etag: "57aaf74c-2f4"
Accept-Ranges: bytes

--- Additional Info ---
Magic:  ISO-8859 text, with CRLF line terminators
Size:   756
Md5:    9389e3fa57b97023332d7a2852e209e3
Sha1:   17f1d209d0cc7a15bf1227f9a8cf5e341596d7b2
Sha256: daa754c0121f4cfa62c4545392e342f17a61958622e14633a9a5df8d341b8293
                                        
Request:
GET /block/images/bg.jpg HTTP/1.1
Host: www.htuidc.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.htuidc.com/block/css/1.css

Response (server 42.51.199.6):
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Wed, 05 Dec 2018 14:18:28 GMT
Content-Length: 78327
Last-Modified: Wed, 10 Aug 2016 09:43:40 GMT
Etag: "57aaf74c-131f7"
Accept-Ranges: bytes

--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   78327
Md5:    8f9a6af0a8f2905437c28e0acf58029e
Sha1:   70e0415e58dd915e2879beeff5589c0eab142661
Sha256: 1e94793416bd7c824d5822af99d7465993379bcb17f7f47540467ff92b5fd66d
                                        
Request:
GET /k.exe HTTP/1.1
Host: h123.tv
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (server 42.51.42.170):
HTTP/1.1 200 ok
Content-Type: text/html;charset=utf-8

--- Additional Info ---
Alerts:
  Blacklists:
    - fortinet: Malware
                                        
Request:
GET /favicon.ico HTTP/1.1
Host: h123.tv
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (server 42.51.42.170):
HTTP/1.1 200 ok
Content-Type: text/html;charset=utf-8

--- Additional Info ---
                                        
Request:
GET /favicon.ico HTTP/1.1
Host: h123.tv
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (server 42.51.42.170):
HTTP/1.1 200 ok
Content-Type: text/html;charset=utf-8

--- Additional Info ---