Overview

URL: www.shezuly.com/qqmusic.exe
IP: 122.114.220.61
ASN: AS37943 ZhengZhou GIANT Computer Network Technology Co., Ltd
Location: China
Report completed: 2017-06-19 12:38:15 CET
urlQuery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.0; SV1; .NET CLR 3.0.04506; .NET CLR 3.5.21022)
Referer:
Pool:
Access Level: public


Intrusion Detection Systems

Snort /w Sourcefire VRT: No alerts detected
Suricata /w Emerging Threats Pro: No alerts detected


Blacklists

Fortinet's Web Filter / fortiguard.com
Added / Verified  Severity  Host                         Comment
2017-06-19        2         www.shezuly.com/qqmusic.exe  Malware
2017-06-19        2         www.shezuly.com/QQMusic.exe  Malware

MDL / malwaredomainlist.com: No alerts detected
DNS-BH / malwaredomains.com: No alerts detected
mnemonic secure DNS / mnemonic.no: No alerts detected
OpenPhish / openphish.com: No alerts detected
PhishTank / phishtank.com: No alerts detected
Spamhaus DBL / spamhaus.org: No alerts detected


Files Captured



Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 122.114.220.61

Date                 UQ / IDS / BL  URL                          IP
2017-06-27 18:47:55  0 - 0 - 2      www.shezuly.com/qqmusic.exe  122.114.220.61
2017-06-27 16:42:45  0 - 0 - 2      www.shezuly.com/qqmusic.exe  122.114.220.61
2017-06-27 15:51:17  0 - 0 - 2      www.shezuly.com/qqmusic.exe  122.114.220.61
2017-06-27 15:26:06  0 - 0 - 1      www.shezuly.com/qqmusic.exe  122.114.220.61
2017-06-27 14:58:33  0 - 0 - 2      shezuly.com/qqmusic.exe      122.114.220.61
2017-06-27 12:13:39  0 - 0 - 2      www.shezuly.com/qqmusic.exe  122.114.220.61

Last 6 reports on ASN: AS37943 ZhengZhou GIANT Computer Network Technology Co., Ltd

Date                 UQ / IDS / BL  URL                                IP
2017-06-27 18:47:55  0 - 0 - 2      www.shezuly.com/qqmusic.exe        122.114.220.61
2017-06-27 16:42:45  0 - 0 - 2      www.shezuly.com/qqmusic.exe        122.114.220.61
2017-06-27 15:51:17  0 - 0 - 2      www.shezuly.com/qqmusic.exe        122.114.220.61
2017-06-27 15:26:06  0 - 0 - 1      www.shezuly.com/qqmusic.exe        122.114.220.61
2017-06-27 15:22:35  0 - 0 - 1      www.gczjy.com/soft/DirectX9.0.exe  116.255.237.81
2017-06-27 14:58:33  0 - 0 - 2      shezuly.com/qqmusic.exe            122.114.220.61

Last 6 reports on domain: www.shezuly.com

Date                 UQ / IDS / BL  URL                          IP
2017-06-27 18:47:55  0 - 0 - 2      www.shezuly.com/qqmusic.exe  122.114.220.61
2017-06-27 16:42:45  0 - 0 - 2      www.shezuly.com/qqmusic.exe  122.114.220.61
2017-06-27 15:51:17  0 - 0 - 2      www.shezuly.com/qqmusic.exe  122.114.220.61
2017-06-27 15:26:06  0 - 0 - 1      www.shezuly.com/qqmusic.exe  122.114.220.61
2017-06-27 12:13:39  0 - 0 - 2      www.shezuly.com/qqmusic.exe  122.114.220.61
2017-06-27 11:12:41  0 - 0 - 2      www.shezuly.com/qqmusic.exe  122.114.220.61



JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (2)


Request:
GET /qqmusic.exe HTTP/1.1
Host: www.shezuly.com
User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.0; SV1; .NET CLR 3.0.04506; .NET CLR 3.5.21022)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (122.114.220.61):
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 19 Jun 2017 10:37:06 GMT
Server: Apache
Location: http://www.shezuly.com/QQMusic.exe
Content-Length: 242
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

Request:
GET /QQMusic.exe HTTP/1.1
Host: www.shezuly.com
User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.0; SV1; .NET CLR 3.0.04506; .NET CLR 3.5.21022)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (122.114.220.61):
HTTP/1.1 200 OK
Content-Type: application/x-msdownload
Date: Mon, 19 Jun 2017 10:37:07 GMT
Server: Apache
Last-Modified: Thu, 08 Jun 2017 10:51:43 GMT
Etag: "161904-2d800-55170a36fa8bc"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked