Overview

URL: logicology.org/
IP: 208.73.200.242
ASN: AS19318 NEW JERSEY INTERNATIONAL INTERNET EXCHANGE LLC
Location: United States
Report completed: 2017-10-16 16:33:09 CEST
urlquery Alerts: No alerts detected


Settings

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Pool:
Access Level:


Intrusion Detection Systems

Suricata w/ Emerging Threats Pro
Timestamp                  Severity  Source IP      Destination IP  Alert
2017-10-16 16:35:48 CEST   1         60.208.33.170  Client IP       ET TROJAN RAMNIT.A M2
2017-10-16 16:36:08 CEST   1         60.208.33.170  Client IP       ET TROJAN RAMNIT.A M2
2017-10-16 16:35:48 CEST   1         60.208.33.170  Client IP       ET CURRENT_EVENTS DRIVEBY EXE Embeded in Page Likely Evil M1
2017-10-16 16:36:08 CEST   1         60.208.33.170  Client IP       ET TROJAN PE EXE or DLL Windows file download Text
2017-10-16 16:36:08 CEST   1         60.208.33.170  Client IP       ET CURRENT_EVENTS DRIVEBY EXE Embeded in Page Likely Evil M1
2017-10-16 16:35:48 CEST   1         60.208.33.170  Client IP       ET TROJAN PE EXE or DLL Windows file download Text


Blacklists

MDL: No alerts detected
OpenPhish: No alerts detected
PhishTank: No alerts detected
Fortinet's Web Filter: No alerts detected
DNS-BH: No alerts detected
mnemonic secure dns: No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 208.73.200.242

Date                       UQ / IDS / BL  URL                    IP
2017-11-18 09:03:42 +0100  0 - 1 - 0      androsproperties.net/  208.73.200.242
2017-11-18 07:49:04 +0100  0 - 1 - 1      mmecenter.com/         208.73.200.242
2017-11-15 20:51:22 +0100  0 - 1 - 0      mmecenter.com/         208.73.200.242
2017-10-31 07:29:48 +0100  0 - 1 - 0      androsproperties.net/  208.73.200.242
2017-10-28 06:48:00 +0200  0 - 2 - 0      sffsa.tomasek.org/     208.73.200.242
2017-10-27 05:36:39 +0200  0 - 1 - 0      androsproperties.net/  208.73.200.242
2017-10-22 22:30:10 +0200  0 - 1 - 0      androsproperties.net/  208.73.200.242
2017-10-18 22:45:08 +0200  0 - 1 - 0      androsproperties.net/  208.73.200.242
2017-10-11 21:36:58 +0200  0 - 1 - 0      androsproperties.net/  208.73.200.242
2017-10-09 12:51:51 +0200  0 - 0 - 2      tdbkonline.com/        208.73.200.242

Last 10 reports on ASN: AS19318 NEW JERSEY INTERNATIONAL INTERNET EXCHANGE LLC

Date                       UQ / IDS / BL  URL                                                IP
2017-11-19 05:29:16 +0100  0 - 0 - 1      www.molefamily.net.tf/~xinhvl/loginphpsitedom (...)  66.45.253.74
2017-11-19 04:50:05 +0100  0 - 0 - 1      www.nguoiraotin.com/~xinhvl/loginphpsitedomai (...)  66.45.253.74
2017-11-19 01:06:38 +0100  0 - 3 - 13     smspoint.biz/resources/wap-mp3.php                 66.45.227.250
2017-11-19 00:47:33 +0100  0 - 3 - 0      invoicedwd.tk/                                     216.158.236.123
2017-11-19 00:41:48 +0100  0 - 0 - 2      com-accountverificatlon.com/                       199.231.189.202
2017-11-18 23:56:31 +0100  0 - 0 - 1      app-manage-connect.services/                       64.20.37.43
2017-11-18 22:27:40 +0100  0 - 3 - 11     www.smspoint.biz/resources/programmi-symbian.php   66.45.227.250
2017-11-18 21:34:24 +0100  0 - 0 - 1      www.udayaads.com/images/medfile/rayyah/yohoo/ (...)  162.250.124.34
2017-11-18 20:58:45 +0100  0 - 2 - 7      smspoint.biz/wap-solutions/mms-software.html       66.45.227.250
2017-11-18 18:42:30 +0100  0 - 0 - 2      limitation.my3gb.com/login.htm?                    66.45.238.251

No other reports on domain: logicology.org



JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (8)


Transaction 1

Request:
GET / HTTP/1.1
Host: logicology.org
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (208.73.200.242):
HTTP/1.1 200 OK
Content-Type: text/html
Server: nginx
Date: Mon, 16 Oct 2017 14:35:44 GMT
Content-Length: 1577
Last-Modified: Thu, 12 Dec 2013 15:55:31 GMT
Connection: keep-alive
Etag: "52a9dc73-629"
X-Powered-By: PleskLin
Accept-Ranges: bytes

--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1577
Md5:    6e64b3da94acb05d8902338e1e6195ab
Sha1:   4fa85e9dc200df1d9b5f5d8ee15ee5a0c7e9a4e2
Sha256: c263a6d94da3e6934edcf8cf1281b6e9b9730c2fb819d117e2d7423cb0140527

Transaction 2

Request:
GET /style.css HTTP/1.1
Host: logicology.org
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://logicology.org/

Response (208.73.200.242):
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
Server: nginx
Date: Mon, 16 Oct 2017 14:35:45 GMT
Content-Length: 207
Connection: keep-alive

--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   207
Md5:    bef98c5d9f7b88a2adb10c59cff4d385
Sha1:   f393d567a024b050729a90b83928784006fa60d7
Sha256: 13444653f805917e95b708d8f50f6501bc40f1f4829c30b298a35346b47c9eba

Transaction 3

Request:
GET /images/til_1.jpg HTTP/1.1
Host: logicology.org
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://logicology.org/

Response (208.73.200.242):
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Mon, 16 Oct 2017 14:35:45 GMT
Content-Length: 4947
Last-Modified: Thu, 12 Dec 2013 15:55:31 GMT
Connection: keep-alive
Etag: "52a9dc73-1353"
X-Powered-By: PleskLin
Accept-Ranges: bytes

--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   4947
Md5:    fb95a1bd8d760239d69fb617eb96c02b
Sha1:   3b14fedf442c6c4dc92e2735e0cebb6fe4ffd696
Sha256: b59b5a23080ac94202143c77e229da7a78302db352157865e4fab8915cc84171

Transaction 4

Request:
GET /get/flashplayer/update/current/xml/version_en_win_pl.xml HTTP/1.1
Host: fpdownload2.macromedia.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (195.159.219.19):
HTTP/1.1 200 OK
Content-Type: text/xml
Server: Apache
Last-Modified: Mon, 16 Oct 2017 05:32:28 GMT
Etag: "60c-55ba35517034e"
Accept-Ranges: bytes
Content-Length: 1548
Date: Mon, 16 Oct 2017 14:35:46 GMT
Connection: keep-alive

--- Additional Info ---
Magic:  XML document text\012 XML document text
Size:   1548
Md5:    e0d6b40f194bf3d94882169314fa6f48
Sha1:   bc79220c94cbfa23b45080132bf8181785053f85
Sha256: 338613f295d3383163fdca8ac8bc3efd81b69b471ab24a5a069dddf336aaf0a2

Transaction 5

Request:
GET /images/back_center.jpg HTTP/1.1
Host: logicology.org
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://logicology.org/

Response (208.73.200.242):
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Mon, 16 Oct 2017 14:35:45 GMT
Content-Length: 64859
Last-Modified: Thu, 12 Dec 2013 15:55:31 GMT
Connection: keep-alive
Etag: "52a9dc73-fd5b"
X-Powered-By: PleskLin
Accept-Ranges: bytes

--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   64859
Md5:    7f3a8f65e50a93ae10a38d81a4ff8c8d
Sha1:   0c56706ad264a39c7ae405fa0b5735f458a96507
Sha256: 3fb7d08bc9fef17583c0f381b435a9d5fe13715a108a6cbbb088e922587f3f87

Transaction 6

Request:
GET /Flash/intro.swf HTTP/1.1
Host: logicology.org
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://logicology.org/

Response (208.73.200.242):
HTTP/1.1 200 OK
Content-Type: application/x-shockwave-flash
Server: nginx
Date: Mon, 16 Oct 2017 14:35:45 GMT
Content-Length: 1799757
Last-Modified: Mon, 03 Nov 2014 04:02:07 GMT
Connection: keep-alive
Etag: "5456fe3f-1b764d"
X-Powered-By: PleskLin
Accept-Ranges: bytes

--- Additional Info ---
Magic:  Macromedia Flash data (compressed), version 6
Size:   1799757
Md5:    3331a4867c3fb4e849bb01f5741301a4
Sha1:   71b1b3e23b1aef1a0f75051ba436d482e9c37c5e
Sha256: 924806888603edc4b793a6df6a21042c5c336f4f5a31cb2cc7b61c2cf692bf49

Transaction 7

Request:
GET /favicon.ico HTTP/1.1
Host: logicology.org
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (208.73.200.242):
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
Server: nginx
Date: Mon, 16 Oct 2017 14:36:03 GMT
Content-Length: 209
Connection: keep-alive

--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   209
Md5:    18ffb59b61525f781cf9251045be575d
Sha1:   bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d
Sha256: b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642

Transaction 8

Request:
GET /favicon.ico HTTP/1.1
Host: logicology.org
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (208.73.200.242):
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
Server: nginx
Date: Mon, 16 Oct 2017 14:36:06 GMT
Content-Length: 209
Connection: keep-alive

--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   209
Md5:    18ffb59b61525f781cf9251045be575d
Sha1:   bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d
Sha256: b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642