urlquery.net - Report

Overview

URL	clhgoody.xyz/seo.exe
IP	99.198.127.106
ASN	AS32475 SingleHop
Location	United States
Report completed	2019-01-21 17:37:39 CET
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blacklists

MDL

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2019-01-21	2	clhgoody.xyz/seo.exe	Malware

DNS-BH

No alerts detected

mnemonic secure dns

Added / Verified	Severity	Host	Comment
2019-01-21	2	clhgoody.xyz	Blacklisted
2019-01-21	2	clhgoody.xyz	Blacklisted
2019-01-21	2	clhgoody.xyz	Blacklisted

Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 99.198.127.106

Date	UQ / IDS / BL	URL	IP
2019-06-09 18:22:56 +0200	0 - 0 - 1	sob.olan.fti.ac.tz/s0ar3ece/br0scoiiu.html	99.198.127.106
2019-06-09 01:25:41 +0200	0 - 0 - 1	nmbadvertising.com/wp-snapshots/jnfup-zthma0f (...)	99.198.127.106
2019-06-07 15:59:45 +0200	0 - 0 - 1	shehzadm.com/wp-content/uploads/2018/10/Shehz (...)	99.198.127.106
2019-06-07 13:34:03 +0200	0 - 0 - 1	shehzadm.com/wp-content/uploads/2018/10/Shehz (...)	99.198.127.106
2019-05-31 14:41:54 +0200	0 - 0 - 0	99.198.127.106	99.198.127.106
2019-05-26 03:09:38 +0200	0 - 1 - 1	permutours.com/alibaba/login.php	99.198.127.106
2019-05-23 09:15:00 +0200	0 - 0 - 2	shehzadm.com/wp-content/uploads/2018/10	99.198.127.106
2019-05-23 03:20:35 +0200	0 - 0 - 5	shehzadm.com/wp-admin	99.198.127.106
2019-05-23 03:20:33 +0200	0 - 0 - 2	shehzadm.com/wp-content/uploads/2018/10	99.198.127.106
2019-04-25 23:57:08 +0200	0 - 0 - 0	cdjcollege.com/	99.198.127.106

Last 10 reports on ASN: AS32475 SingleHop

Date	UQ / IDS / BL	URL	IP
2019-07-01 11:38:14 +0200	0 - 0 - 0	https://best.prizedeal512.info/proc.php?0fa0c (...)	99.198.108.194
2019-06-30 07:03:16 +0200	0 - 0 - 0	https://megastrim.com/movie/412117/the-secret (...)	184.154.46.217
2019-06-30 01:15:15 +0200	0 - 0 - 0	https://janglo.net/ssp	184.154.159.11
2019-06-30 01:09:38 +0200	0 - 0 - 0	https://janglo.net/ssp	184.154.159.11
2019-06-27 17:26:07 +0200	0 - 0 - 0	https://janglo.net/ssp	184.154.159.11
2019-06-27 16:28:49 +0200	0 - 0 - 1	https://lfctime.com/vhg/update?email=lroliard (...)	108.178.27.243
2019-06-27 15:14:55 +0200	0 - 0 - 1	https://quickchargeindia.com/telekom/	65.60.11.226
2019-06-27 14:34:02 +0200	0 - 0 - 0	https://aqualisbraemar.com/	107.6.154.186
2019-06-27 08:28:39 +0200	0 - 0 - 0	traffic.yasssooo.com/?utm_term=670707327	99.198.108.196
2019-06-27 07:14:57 +0200	0 - 0 - 0	https://catalyticcolor.com/REDjuvenator-testi (...)	37.60.225.117

Last 5 reports on domain: clhgoody.xyz

Date	UQ / IDS / BL	URL	IP
2019-02-13 05:15:19 +0100	0 - 0 - 1	clhgoody.xyz/ntt.exe	136.243.44.194
2019-02-13 03:30:59 +0100	0 - 0 - 1	clhgoody.xyz/ntt.exe	136.243.44.194
2019-02-13 02:39:15 +0100	0 - 0 - 1	clhgoody.xyz/ntt.exe	136.243.44.194
2019-02-04 02:54:36 +0100	0 - 3 - 1	clhgoody.xyz/ppo.exe	62.75.171.208
2019-01-16 00:46:05 +0100	0 - 2 - 4	clhgoody.xyz/ho.exe	99.198.127.106

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (3)

Request	Response
GET /seo.exe HTTP/1.1 Host: clhgoody.xyz User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	99.198.127.106 HTTP/1.1 500 Internal Server Error Content-Type: text/html; charset=UTF-8 Date: Mon, 21 Jan 2019 16:37:04 GMT Server: Apache Vary: User-Agent Content-Length: 0 Connection: close --- Additional Info --- Alerts: Blacklists: - fortinet: Malware - mnemonic_dns: Blacklisted
GET /favicon.ico HTTP/1.1 Host: clhgoody.xyz User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive	99.198.127.106 HTTP/1.1 500 Internal Server Error Content-Type: text/html; charset=UTF-8 Date: Mon, 21 Jan 2019 16:37:05 GMT Server: Apache Vary: User-Agent Content-Length: 0 Connection: close --- Additional Info --- Alerts: Blacklists: - mnemonic_dns: Blacklisted
GET /favicon.ico HTTP/1.1 Host: clhgoody.xyz User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	99.198.127.106 HTTP/1.1 500 Internal Server Error Content-Type: text/html; charset=UTF-8 Date: Mon, 21 Jan 2019 16:37:08 GMT Server: Apache Vary: User-Agent Content-Length: 0 Connection: close --- Additional Info --- Alerts: Blacklists: - mnemonic_dns: Blacklisted

Request

Response

                                        
                                            GET /seo.exe HTTP/1.1 

                                        
                                            
Host: clhgoody.xyz

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-us,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip,deflate 

                                        
                                            
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 

                                        
                                            
Keep-Alive: 115 

                                        
                                            
Connection: keep-alive

                                         
                                         99.198.127.106

                                        
                                            HTTP/1.1 500 Internal Server Error 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Date: Mon, 21 Jan 2019 16:37:04 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Vary: User-Agent 

                                        
                                            
Content-Length: 0 

                                        
                                            
Connection: close 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blacklists:

                                                    
                                                            - fortinet: Malware

                                                    
                                                            - mnemonic_dns: Blacklisted

                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: clhgoody.xyz

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 

                                        
                                            
Accept: image/png,image/*;q=0.8,*/*;q=0.5 

                                        
                                            
Accept-Language: en-us,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip,deflate 

                                        
                                            
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 

                                        
                                            
Keep-Alive: 115 

                                        
                                            
Connection: keep-alive

                                         
                                         99.198.127.106

                                        
                                            HTTP/1.1 500 Internal Server Error 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Date: Mon, 21 Jan 2019 16:37:05 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Vary: User-Agent 

                                        
                                            
Content-Length: 0 

                                        
                                            
Connection: close 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blacklists:

                                                    
                                                            - mnemonic_dns: Blacklisted

                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: clhgoody.xyz

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-us,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip,deflate 

                                        
                                            
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 

                                        
                                            
Keep-Alive: 115 

                                        
                                            
Connection: keep-alive

                                         
                                         99.198.127.106

                                        
                                            HTTP/1.1 500 Internal Server Error 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Date: Mon, 21 Jan 2019 16:37:08 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Vary: User-Agent 

                                        
                                            
Content-Length: 0 

                                        
                                            
Connection: close 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blacklists:

                                                    
                                                            - mnemonic_dns: Blacklisted