Overview

URL:              ue8.nljhh.cn/km8
IP:               192.151.196.12
ASN:              AS18978 Enzu Inc
Location:         United States
Report completed: 2018-01-24 05:05:43 CET
urlquery Alerts:  No alerts detected


Settings

UserAgent:    Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Pool:
Access Level:


Intrusion Detection Systems

Suricata w/ Emerging Threats Pro:  No alerts detected


Blacklists

MDL:                  No alerts detected
OpenPhish:            No alerts detected
PhishTank:            No alerts detected
Fortinet's Web Filter:
  Added / Verified   Severity   Host                     Comment
  2018-01-24         2          ue8.nljhh.cn/km8         Malware
  2018-01-24         2          ue8.nljhh.cn/tj.js       Malware
  2018-01-24         2          ue8.nljhh.cn/common.js   Malware
DNS-BH:               No alerts detected
mnemonic secure dns:  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 192.151.196.12

Date                       Alerts (UQ - IDS - BL)   URL                          IP
2019-02-11 20:51:39 +0100  0 - 0 - 1                vxtdth.cn/                   192.151.196.12
2018-01-24 15:09:13 +0100  0 - 0 - 3                vf3.qrrzf.cn/jhl             192.151.196.12
2018-01-24 09:00:45 +0100  0 - 0 - 3                ses.nljhh.cn/ck6             192.151.196.12
2018-01-24 06:00:57 +0100  0 - 0 - 3                vvd.nljhh.cn/9fv/272.html    192.151.196.12
2018-01-24 06:00:44 +0100  0 - 0 - 3                lvl.nljhh.cn/hpp             192.151.196.12
2018-01-24 05:05:24 +0100  0 - 0 - 3                dhz.nljhh.cn/9tl             192.151.196.12
2018-01-24 04:02:04 +0100  0 - 0 - 3                nvv.nljhh.cn/zrv             192.151.196.12
2018-01-24 02:43:18 +0100  0 - 0 - 3                28a.qrrzf.cn/mg4             192.151.196.12
2018-01-23 14:01:00 +0100  0 - 0 - 3                v7l.nljhh.cn/bhh             192.151.196.12
2018-01-23 13:25:11 +0100  0 - 0 - 3                dhv.qrrzf.cn/7tl             192.151.196.12

Last 10 reports on ASN: AS18978 Enzu Inc

Date                       Alerts (UQ - IDS - BL)   URL                                                  IP
2019-05-20 01:12:13 +0200  0 - 3 - 0                genetzakis.ml/                                       192.157.252.17
2019-05-19 20:08:36 +0200  0 - 0 - 3                www.jxtssz.com/default.php                           172.246.58.135
2019-05-19 19:03:41 +0200  0 - 0 - 1                yingfae.space/                                       192.157.192.19
2019-05-19 16:48:27 +0200  0 - 4 - 18               hgtrb.com/info/1017/1056.htm                         23.88.72.11
2019-05-19 16:44:41 +0200  0 - 0 - 4                https://lanquenetwork.com/yiwanxianshengmr007 (...)  172.246.14.83
2019-05-19 16:40:28 +0200  0 - 0 - 1                www.mysotm.com/?route=/index.asp                     107.183.177.131
2019-05-19 16:34:46 +0200  0 - 4 - 4                www.rs361.com/?route=/search.aspx                    104.202.113.9
2019-05-19 14:10:53 +0200  0 - 1 - 0                cejgot718.top/                                       172.246.129.134
2019-05-19 10:18:24 +0200  0 - 1 - 0                2018ttjlp.top/                                       23.244.24.246
2019-05-19 05:16:37 +0200  0 - 0 - 4                https://panzacatecas.org/2019/evalconse.pdf          199.193.254.5

No other reports on domain: nljhh.cn



JavaScript

Executed Scripts (4)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (7)


Transaction 1

Request
GET /km8 HTTP/1.1
Host: ue8.nljhh.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response from 192.151.196.12
HTTP/1.1 200 OK
Content-Type: text/html
Date: Wed, 24 Jan 2018 04:11:53 GMT
Content-Length: 845
Server: Microsoft-IIS/6.0

--- Additional Info ---
Magic:  HTML document text, exported SGML document text
Size:   845
Md5:    619be9827cd472c9e162e13e7c0774d6
Sha1:   410d556c8ded167a84af236f5c676b09253b4c96
Sha256: 011ee78857834bfceb7c28d4fa7f7c23b64880163907de3bd2b2374eadff0e18

Alerts:
  Blacklists:
    - fortinet: Malware
Transaction 2

Request
GET /tj.js HTTP/1.1
Host: ue8.nljhh.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ue8.nljhh.cn/km8

Response from 192.151.196.12
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Wed, 24 Jan 2018 04:11:54 GMT
Content-Length: 305
Server: Microsoft-IIS/6.0

--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   305
Md5:    908131a763165ff74627d7a0c19da754
Sha1:   dcc577bd8f426d82dde4cd79fc7c540c874f11cc
Sha256: 4fbfe60962214826136c27579401a99c3c5815c227562ecd907e1586e4c8cdbf

Alerts:
  Blacklists:
    - fortinet: Malware
Transaction 3

Request
GET /common.js HTTP/1.1
Host: ue8.nljhh.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ue8.nljhh.cn/km8

Response from 192.151.196.12
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Wed, 24 Jan 2018 04:11:54 GMT
Content-Length: 0
Server: Microsoft-IIS/6.0

--- Additional Info ---
(empty body: no magic, size or hashes recorded)

Alerts:
  Blacklists:
    - fortinet: Malware
Transaction 4

Request
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ue8.nljhh.cn/km8

Response from 61.135.162.21
HTTP/1.1 200 OK
Content-Type: text/javascript
Set-Cookie: BAIDUID=29AC992AEA390AD1A8EBB16E71C33B8D:FG=1; max-age=31536000; expires=Thu, 24-Jan-19 04:11:54 GMT; domain=.baidu.com; path=/; version=1
P3P: CP=" OTI DSP COR IVA OUR IND COM "
Etag: "4078520126"
Accept-Ranges: bytes
Last-Modified: Wed, 25 Nov 2015 07:46:07 GMT
Expires: Thu, 24 Jan 2019 04:11:54 GMT
Cache-Control: max-age=31536000
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 227
Date: Wed, 24 Jan 2018 04:11:54 GMT
Server: apache

--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   227
Md5:    e548b6ce15bb616c2bfba36e9cfbf307
Sha1:   a348285d9928a6548a57569f1fb9d62bdd747f33
Sha256: 7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
Transaction 5

Request
GET /s.gif?l=http://ue8.nljhh.cn/km8 HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ue8.nljhh.cn/km8
Cookie: BAIDUID=29AC992AEA390AD1A8EBB16E71C33B8D:FG=1

Response from 61.135.162.115
HTTP/1.1 200 OK
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Transfer-Encoding: chunked
Date: Wed, 24 Jan 2018 04:11:54 GMT
Server: apache

--- Additional Info ---
(chunked response: no size or hashes recorded)
Transaction 6

Request
GET /favicon.ico HTTP/1.1
Host: ue8.nljhh.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response from 192.151.196.12
HTTP/1.1 200 OK
Content-Type: text/html
Date: Wed, 24 Jan 2018 04:11:55 GMT
Content-Length: 845
Server: Microsoft-IIS/6.0

--- Additional Info ---
Magic:  HTML document text, exported SGML document text
Size:   845
Md5:    619be9827cd472c9e162e13e7c0774d6
Sha1:   410d556c8ded167a84af236f5c676b09253b4c96
Sha256: 011ee78857834bfceb7c28d4fa7f7c23b64880163907de3bd2b2374eadff0e18
Transaction 7

Request
GET /favicon.ico HTTP/1.1
Host: ue8.nljhh.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response from 192.151.196.12
HTTP/1.1 200 OK
Content-Type: text/html
Date: Wed, 24 Jan 2018 04:11:58 GMT
Content-Length: 845
Server: Microsoft-IIS/6.0

--- Additional Info ---
Magic:  HTML document text, exported SGML document text
Size:   845
Md5:    619be9827cd472c9e162e13e7c0774d6
Sha1:   410d556c8ded167a84af236f5c676b09253b4c96
Sha256: 011ee78857834bfceb7c28d4fa7f7c23b64880163907de3bd2b2374eadff0e18
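The transaction list above carries more triage signal than the single Fortinet "Malware" label: /km8 and /favicon.ico come back as the same 845-byte HTML body (identical MD5/SHA-1/SHA-256), so the IIS 6.0 host answers arbitrary paths with one page; /common.js is flagged but served with Content-Length 0; and the only third-party traffic is Baidu's push.js (Baidu's webmaster link-submission script, which submits the current URL for indexing) and an api.share.baidu.com beacon that carries the landing URL in its query string. The following script is an added example written for this page, not code from urlquery.net or from the report; its TRANSACTIONS list is a hand transcription of the seven requests above (treat it as constructed data), and all the checks are derived from that traffic alone, without using the blacklist verdicts.

```python
"""Triage helpers for the HTTP transaction list of a urlquery-style report.

Added example; not code from urlquery.net or from the report.  TRANSACTIONS
is a hand transcription of the seven requests shown on the page (path, host,
server IP, Content-Type, Content-Length, body SHA-256, Referer).
"""
import os
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

SHA_LANDING = "011ee78857834bfceb7c28d4fa7f7c23b64880163907de3bd2b2374eadff0e18"
SHA_TJ = "4fbfe60962214826136c27579401a99c3c5815c227562ecd907e1586e4c8cdbf"
SHA_PUSH = "7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5"
LANDING = "http://ue8.nljhh.cn/km8"

# Transcribed from the report (constructed data for this example).
TRANSACTIONS = [
    dict(path="/km8", host="ue8.nljhh.cn", ip="192.151.196.12",
         ctype="text/html", length=845, sha256=SHA_LANDING, referer=None),
    dict(path="/tj.js", host="ue8.nljhh.cn", ip="192.151.196.12",
         ctype="application/x-javascript", length=305, sha256=SHA_TJ, referer=LANDING),
    dict(path="/common.js", host="ue8.nljhh.cn", ip="192.151.196.12",
         ctype="application/x-javascript", length=0, sha256=None, referer=LANDING),
    dict(path="/push.js", host="push.zhanzhang.baidu.com", ip="61.135.162.21",
         ctype="text/javascript", length=227, sha256=SHA_PUSH, referer=LANDING),
    dict(path="/s.gif?l=http://ue8.nljhh.cn/km8", host="api.share.baidu.com",
         ip="61.135.162.115", ctype="image/gif", length=None, sha256=None, referer=LANDING),
    dict(path="/favicon.ico", host="ue8.nljhh.cn", ip="192.151.196.12",
         ctype="text/html", length=845, sha256=SHA_LANDING, referer=None),
    dict(path="/favicon.ico", host="ue8.nljhh.cn", ip="192.151.196.12",
         ctype="text/html", length=845, sha256=SHA_LANDING, referer=None),
]

SCRIPT_TYPES = {"application/x-javascript", "application/javascript", "text/javascript"}
EXPECTED_TYPES = {  # Content-Type a well-behaved server returns for the extension
    ".js": SCRIPT_TYPES,
    ".ico": {"image/x-icon", "image/vnd.microsoft.icon"},
    ".gif": {"image/gif"},
}


def catch_all_paths(txs):
    """Hosts serving a byte-identical body for more than one distinct path.

    Here /km8 and /favicon.ico share one SHA-256: the server answers any
    path with the same page, typical of a doorway/redirector kit."""
    by_hash = defaultdict(set)
    for t in txs:
        if t["sha256"]:
            by_hash[(t["host"], t["sha256"])].add(urlsplit(t["path"]).path)
    return {k: sorted(v) for k, v in by_hash.items() if len(v) > 1}


def content_type_mismatches(txs):
    """Requested extension vs. served Content-Type (e.g. .ico served as text/html)."""
    found = set()
    for t in txs:
        path = urlsplit(t["path"]).path
        expected = EXPECTED_TYPES.get(os.path.splitext(path)[1].lower())
        if expected and t["ctype"] not in expected:
            found.add((t["host"], path, t["ctype"]))
    return sorted(found)


def empty_scripts(txs):
    """Script URLs answered with Content-Length 0: a kit placeholder, or a
    payload only served to selected visitors.  Re-fetch with a different
    User-Agent/Referer/source before calling it benign."""
    return [(t["host"], t["path"]) for t in txs
            if t["ctype"] in SCRIPT_TYPES and t["length"] == 0]


def landing_url_leaks(txs, landing):
    """Third-party requests carrying the landing URL in the Referer or in a
    query parameter; each visit tells that party the page exists (the Baidu
    push/share pair also submits it for indexing).  Returns (host, path, in_query)."""
    landing_host = urlsplit(landing).hostname
    leaks = []
    for t in txs:
        if t["host"] == landing_host:
            continue
        query = parse_qs(urlsplit(t["path"]).query)
        in_query = any(landing in v for vals in query.values() for v in vals)
        in_referer = bool(t["referer"]) and landing in t["referer"]
        if in_query or in_referer:
            leaks.append((t["host"], urlsplit(t["path"]).path, in_query))
    return leaks


def indicators(txs, landing):
    """Blockable IOCs from the landing host only; the Baidu hosts are shared
    infrastructure and would only generate false positives."""
    own = [t for t in txs if t["host"] == urlsplit(landing).hostname]
    return {"hosts": {t["host"] for t in own},
            "ips": {t["ip"] for t in own},
            "sha256": {t["sha256"] for t in own if t["sha256"]}}


if __name__ == "__main__":
    print("catch-all:", catch_all_paths(TRANSACTIONS))
    print("type mismatch:", content_type_mismatches(TRANSACTIONS))
    print("empty scripts:", empty_scripts(TRANSACTIONS))
    print("landing URL leaks:", landing_url_leaks(TRANSACTIONS, LANDING))
    print("IOCs:", indicators(TRANSACTIONS, LANDING))
```

The checks are deliberately independent of the blacklist verdicts so they can be reused on reports where no vendor has flagged anything yet; the catch-all and extension/Content-Type checks in particular fire on this traffic without any knowledge of the domain.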