Overview

URL: oshibka-interneta.bbsindex.com/4369/102/ua.php
IP: 37.1.206.130
ASN: AS50673 Serverius Holding B.V.
Location: Netherlands
Report completed: 2017-09-01 01:54:27 CEST
urlquery Alerts: DynDNS domain detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 2 reports on IP: 37.1.206.130

Date  UQ / IDS / BL  URL  IP
2017-09-01 06:25:50 +0200  6 - 1 - 0  oshibka-interneta.bbsindex.com/4369/102/ua.php  37.1.206.130
2017-08-21 23:28:59 +0200  3 - 3 - 0  gov-mvs-ua.4irc.com/121ua/ua.php  37.1.206.130

Last 10 reports on ASN: AS50673 Serverius Holding B.V.

Date  UQ / IDS / BL  URL  IP
2019-05-22 00:32:46 +0200  0 - 0 - 5  grand-prizehere14.com/online/diamond-of-boyan (...)  5.45.70.31
2019-05-22 00:23:50 +0200  0 - 0 - 1  denizdenyeniyilhediyesi.com/mein-weihnachtsba (...)  37.1.205.15
2019-05-21 22:27:24 +0200  0 - 0 - 1  prizes-rightnow5.com/douluo-dalu-ii-jueshui-t (...)  5.45.64.66
2019-05-21 22:27:24 +0200  0 - 1 - 1  prizes-rightnow5.com/douluo-dalu-ii-jueshui-t (...)  5.45.64.66
2019-05-21 22:01:45 +0200  0 - 0 - 0  5.45.79.15/input/?mark=20190521-mavinx.com/fj (...)  5.45.79.15
2019-05-21 21:58:50 +0200  0 - 0 - 0  5.45.79.15  5.45.79.15
2019-05-21 21:50:53 +0200  0 - 0 - 1  takeyour-prize.com/torrent/3701  37.1.205.200
2019-05-21 21:34:39 +0200  0 - 0 - 4  moffia.nl/  185.116.164.6
2019-05-21 21:27:55 +0200  6 - 1 - 0  https://kanjinvivx.xyz/21117/2752/kg7dg8  37.49.225.10
2019-05-21 19:24:48 +0200  0 - 0 - 1  whiskeywed.com/wp-content/themes/Avada/assets (...)  5.45.64.66

No other reports on domain: bbsindex.com



JavaScript

Executed Scripts (21)


Executed Evals (10)

#1 JavaScript::Eval (size: 747, repeated: 1) - SHA256: 0074b430435a31b096d6bf538253c8055b7d472e0233c0b33881f2f9cb88dc15

      var on_div = document.getElementById("on");

      function cod() {
          // Placeholder text of the code field: "Enter the unlock code..."
          onfocus = this.value == 'Введите код разблокировки...';
          on.innerHTML = '<font color="#6b6b6b">---</font>';
          setTimeout(function() {
              on.innerHTML = '<font color="#6b6b6b">--- ---</font>';
          }, 300);
          setTimeout(function() {
              on.innerHTML = '<font color="#6b6b6b">--- --- ---</font>';
          }, 600);
          setTimeout(function() {
              on.innerHTML = '<font color="#6b6b6b">--- --- --- ---</font>';
          }, 900);
          setTimeout(function() {
              on.innerHTML = '<font color="#6b6b6b">--- --- --- --- ---</font>';
          }, 1200);
          setTimeout(function() {
              // Always shown after the fake progress: "An incorrect code was entered!"
              on.innerHTML = '<font color="#c30000">Введен неверный код!</font>';
          }, 1500);
      }
                                    

#2 JavaScript::Eval (size: 410, repeated: 1) - SHA256: b8937ed987c41447e7fe794db35c4ecaae8d027b3f9a48fe40689a64311f15e7

    window.onkeydown = function(evt) {
        if (evt.keyCode == 27 || evt.keyCode == 18 || evt.keyCode == 123 || evt.keyCode == 85 || evt.keyCode == 9 || evt.keyCode == 115 || evt.keyCode == 116 || evt.keyCode == 112 || evt.keyCode == 114 || evt.keyCode == 17) {
            return false;
        }
    };
    window.onkeypress = function(evn) {
        if (evn.keyCode == 123 || evn.keyCode == 117) return false;
    };
                                    

#3 JavaScript::Eval (size: 129, repeated: 1) - SHA256: 1512d38f1de07a9ba9e19f7d64811213029986449c2a395695c828583d68680e

      onbeforeunload = function() {
          alert(""
              ESC, '"+  +", !" &#!");   return "" ESC, '
              "+  +", !" &#!";
          }
                                    

#4 JavaScript::Eval (size: 323, repeated: 1) - SHA256: f805bd55ffd272422c8e74f0953a6affd88e770e058edc6488db3e747417c626

document.addEventListener('keyup', function(e) {
    if (e.keyCode == 122 || e.keyCode == 17 || e.keyCode == 18 || e.keyCode == 13) {
        toggleFullScreen();
        document.getElementById('sound').innerHTML = "<audio autoplay='autoplay'><source src='http://polariton.ad-l.ink/download/action/8bx2cmRy5/mp3'/></audio>";
    }
}, false);
                                    

#5 JavaScript::Eval (size: 267, repeated: 1) - SHA256: d4697b1ebe7683afd51a70f3354aaea8ed131210563f495298c1d2c1667b7fe0

document.addEventListener('keyup', function(es) {
    if (es.keyCode == 27) {
        toggleFullScreen();
        document.getElementById('sound').innerHTML = "<audio autoplay='autoplay'><source src='http://polariton.ad-l.ink/download/action/8bx2cmRy5/mp3'/></audio>";
    }
}, false);
                                    

#6 JavaScript::Eval (size: 532, repeated: 1) - SHA256: 9b4aa32b6ee8f6da951ff72075972a13e0feedb60f0a95813300dae82c007b13

function getDate() {
    var date = new Date();
    var hours = date.getHours();
    var minutes = date.getMinutes();
    var seconds = date.getSeconds();
    var day = date.getDate();
    var month = date.getMonth() + 1;
    var year = date.getFullYear();
    if (minutes < 10) {
        minutes = '0' + minutes;
    }
    if (seconds < 10) {
        seconds = '0' + seconds;
    }
    document.getElementById('timedisplay').innerHTML = hours + ':' + minutes + ':' + seconds + '<br>' + day + '.' + month + '.' + year;
}
setInterval(getDate, 0);
                                    

#7 JavaScript::Eval (size: 194, repeated: 1) - SHA256: fa7bb2f305a2c599655ebf5a2e8a90ad6d42e1cbafbddd96c6ee82f6e3ccb4fd

function hello() {
    var p = document.getElementById('world');
    if (p.style.display == 'none') {
        p.style.display = 'block';
    } else {
        p.style.display = 'none';
    }
}
                                    

#8 JavaScript::Eval (size: 82, repeated: 1) - SHA256: eaad64e38398ebd625a861d33eb6c215ad5cbfbb9c1733359272d20633292b36

function viewdiv(id) {
    var el = document.getElementById(id);
    el.style.display = "block";
}
                                    

#9 JavaScript::Eval (size: 523, repeated: 1) - SHA256: 50b0a678ce834ba30cb9d84636bf7376c03ce7d0bb2559cb270d657bd630fe0b

if (key == 'jwsf72efuju2') {
    function toggleFullScreen() {
        if (!document.fullscreenElement && !document.mozFullScreenElement && !document.webkitFullscreenElement) {
            if (document.documentElement.requestFullscreen) {
                document.documentElement.requestFullscreen();
            } else if (document.documentElement.mozRequestFullScreen) {
                document.documentElement.mozRequestFullScreen();
            } else if (document.documentElement.webkitRequestFullscreen) {
                document.documentElement.webkitRequestFullscreen(Element.ALLOW_KEYBOARD_INPUT);
            }
        }
    }
}
                                    

#10 JavaScript::Eval (size: 502, repeated: 1) - SHA256: b5410693328b03022bf9114c99cbbc12b9bad402cb5d6d2bc803cea4c01c0607

window.onload = function() {
    document.onclick = function(e) {
        e = e || event;
        target = e.target || e.srcElement;
        toggleFullScreen();
        document.body.style.cursor = 'not-allowed';
        document.getElementById('map').innerHTML = stroka;
        viewdiv('mydiv');
        viewdiv('mypanel');
        document.getElementById('sound').innerHTML = "<audio autoplay='autoplay'><source src='http://polariton.ad-l.ink/download/action/8bx2cmRy5/mp3'/></audio>";
    }
}
                                    

Executed Writes (0)



HTTP Transactions (8)


Request Response
                                        
GET /4369/102/aloha/pop.js HTTP/1.1
Host: oshibka-interneta.bbsindex.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://oshibka-interneta.bbsindex.com/4369/102/ua.php

                                         
37.1.206.130
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: nginx
Date: Thu, 31 Aug 2017 23:53:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Wed, 30 Aug 2017 08:49:08 GMT
Etag: W/"1ec9-589-557f499dde3a4"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   721
Md5:    541e68c03a7ba5ad0a25800b9162b43b
Sha1:   a2aedfaa49ce5e5cc3ea934793aec83ff5b36b57
Sha256: 4d3aa572dd8cfbe400b21b7bedbcd319ef9557ef8dc11d3905021c1086595a13

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /4369/102/pop.js HTTP/1.1
Host: oshibka-interneta.bbsindex.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://oshibka-interneta.bbsindex.com/4369/102/ua.php

                                         
37.1.206.130
HTTP/1.1 200 OK
Content-Type: text/javascript
Server: nginx
Date: Thu, 31 Aug 2017 23:53:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 24 Aug 2017 03:01:29 GMT
Etag: W/"1daf6-3dbd1-557770b7cb440"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   73547
Md5:    3430df7738a446d5af890fe52cedc830
Sha1:   58b8dc9be64732d863554fc3935e8be5fe956545
Sha256: 3eba3f16e572c7fadcc60154af4bc73db1500dcdda1d5aadd1dc6ec49adc5c5f

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /4369/102/ua.php HTTP/1.1
Host: oshibka-interneta.bbsindex.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
37.1.206.130
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: nginx
Date: Thu, 31 Aug 2017 23:53:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/5.4.34
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   257214
Md5:    e06358a43daab477d06f68a60a0c6b2b
Sha1:   24abc0562c25eaeeb8cbc0b1b065f1b67a6ca4fe
Sha256: dfef406b2569af21c07d187ec5dada0f58e0bc9b8c5d2fb5067a842f96e6dcbc

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /4369/102/scripts.js HTTP/1.1
Host: oshibka-interneta.bbsindex.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://oshibka-interneta.bbsindex.com/4369/102/ua.php

                                         
37.1.206.130
HTTP/1.1 200 OK
Content-Type: text/javascript
Server: nginx
Date: Thu, 31 Aug 2017 23:53:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 24 Aug 2017 03:01:29 GMT
Etag: W/"1daf8-f16-557770b7cb440"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1742
Md5:    7cb6c0dffa68faee978dab73873d2d78
Sha1:   ac774a8011475c33fb73e10a79dd82ea1f2423a6
Sha256: 4728008fea0275d1f3dc89088341c0d9d9a245ecd8bc2e9fec853e0511d915a5

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://oshibka-interneta.bbsindex.com/4369/102/ua.php

                                         
216.58.209.142
HTTP/1.1 200 OK
Content-Type: text/javascript
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Thu, 31 Aug 2017 23:03:36 GMT
Expires: Fri, 01 Sep 2017 01:03:36 GMT
Last-Modified: Thu, 17 Aug 2017 01:11:09 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 13472
Cache-Control: public, max-age=7200
Age: 3016


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   13472
Md5:    b9b86922042a652c2ab95127f5d56fb1
Sha1:   ab415059ac440b2dc5aa4618e99df56b4f648222
Sha256: 9984b80ed589c69864d7fa2d664e83db447b4cafc4b7beeeea3c14a0818b519f
                                        
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://oshibka-interneta.bbsindex.com/4369/102/ua.php

                                         
93.184.220.66
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Cache-Control: public, max-age=1800
Date: Thu, 31 Aug 2017 23:53:52 GMT
Etag: "83699f09f4bcebaa10462e1f37e208b4+gzip"
Last-Modified: Wed, 23 Aug 2017 21:14:25 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (arn/4668)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 33398


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Wed Aug 23 23:14:25 2017
Size:   33398
Md5:    2a090fab450c1792e74b4d696f68eb37
Sha1:   b4eb189c3f2e4bd9928da0864e976158d63b0aac
Sha256: 41c7a136cb9b3ca172309cc1c1c10c022db6a133f7366ef13975d42af2b3ee22
                                        
GET /favicon.ico HTTP/1.1
Host: oshibka-interneta.bbsindex.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
37.1.206.130
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: nginx
Date: Thu, 31 Aug 2017 23:53:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Wed, 30 Aug 2017 08:49:08 GMT
Etag: W/"1ec9-589-557f499dde3a4"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   721
Md5:    541e68c03a7ba5ad0a25800b9162b43b
Sha1:   a2aedfaa49ce5e5cc3ea934793aec83ff5b36b57
Sha256: 4d3aa572dd8cfbe400b21b7bedbcd319ef9557ef8dc11d3905021c1086595a13

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /favicon.ico HTTP/1.1
Host: oshibka-interneta.bbsindex.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
37.1.206.130
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: nginx
Date: Thu, 31 Aug 2017 23:53:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Wed, 30 Aug 2017 08:49:08 GMT
Etag: W/"1ec9-589-557f499dde3a4"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   721
Md5:    541e68c03a7ba5ad0a25800b9162b43b
Sha1:   a2aedfaa49ce5e5cc3ea934793aec83ff5b36b57
Sha256: 4d3aa572dd8cfbe400b21b7bedbcd319ef9557ef8dc11d3905021c1086595a13

Alerts:
  urlquery:
    - DynDNS domain detected