Botnet
Sality
Date
2015-03-09 05:03:18
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
2107
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
APT Stuxnet
Date
2015-03-01 07:03:55
IP
31.40.6.40
Domain
www.mypremierfutbol.com
User Agent
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/index.php?data=66a96e28946ae06bd5d79f3cc56200481bb53bd76e607407dd29715e42e43f9a5390d443f2a7645fa21d659d3fb4a877e8629ba48291a374c7cb908e5a08ac56c6983db9e07b14f74d8d993fb5a8688d498b91baa9e542838ea1bd
OS
Windows XP
Browser
IE 6.0
Port
1041
Threat
1
Type
HTTP
Access Count
1
Botnet
Sality
Date
2015-02-22 03:02:16
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
49349
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2015-02-18 08:02:11
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
1093
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2015-02-07 11:02:53
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
1126
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2015-01-31 04:01:11
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
1121
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2015-01-24 12:01:32
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
49180
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2015-01-22 08:01:25
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
49210
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2015-01-21 04:01:23
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
1090
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2015-01-19 04:01:46
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
1116
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-12-22 04:12:10
IP
31.40.6.40
Domain
www.ceylanogullari.com
User Agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50728)
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/logof.gif?449148=22468200
OS
Windows XP
Browser
IE 7.0
Port
2522
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-12-18 05:12:12
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
1064
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-12-17 07:12:26
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
1095
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-12-17 10:12:44
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
1137
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-12-12 07:12:50
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
1185
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality P2P
Date
2014-12-07 12:12:20
IP
31.40.6.40
Domain
69.195.140.124:9674 Active
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Bot Version
Network 3
Port
59153
Threat
1
Destination Port
9674
Type
P2P UDP
Access Count
1
Botnet
Sality
Date
2014-11-29 02:11:45
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
1309
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-11-22 07:11:27
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
1890
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-11-17 05:11:24
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
49174
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-11-16 11:11:56
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
1110
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-11-13 01:11:25
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
49308
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-11-11 08:11:07
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
1094
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-11-10 09:11:03
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
49273
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-11-09 03:11:21
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
1077
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-11-08 07:11:13
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
1168
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-11-02 10:11:54
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
1292
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-10-31 09:10:58
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
49308
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality P2P
Date
2014-10-29 07:10:26
IP
31.40.6.40
Domain
69.195.140.124:9674 Active
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Bot Version
Network 3
Port
1229
Threat
1
Destination Port
9674
Type
P2P UDP
Access Count
1
Botnet
Sality
Date
2014-10-29 07:10:10
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
1072
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-10-21 06:10:01
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
49297
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-10-16 02:10:33
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
55367
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality P2P
Date
2014-10-15 08:10:07
IP
31.40.6.40
Domain
69.195.140.124:9674 Active
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Bot Version
Network 3
Port
3875
Threat
1
Destination Port
9674
Type
P2P UDP
Access Count
1
Botnet
Sality P2P
Date
2014-10-15 08:10:20
IP
31.40.6.40
Domain
69.195.140.124:9674 Active
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Bot Version
Network 3
Port
3801
Threat
1
Destination Port
9674
Type
P2P UDP
Access Count
1
Botnet
Sality
Date
2014-10-15 07:10:27
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
3267
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-10-14 02:10:00
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
58737
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-10-12 08:10:22
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
1123
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-10-01 09:10:06
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
1081
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-09-30 04:09:30
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
49188
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-09-28 07:09:59
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
1063
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-09-24 03:09:54
IP
31.40.6.40
Domain
noralvasanchez.com
User Agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50728)
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/s.jpg?2508e6=16989770
OS
Windows XP
Browser
IE 7.0
Port
49572
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-09-21 05:09:47
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
49191
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-09-18 11:09:04
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
49289
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-09-14 04:09:15
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
2291
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-09-13 07:09:22
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
1104
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-09-10 02:09:42
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
1119
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-08-14 07:08:19
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
1130
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-08-13 01:08:03
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
49277
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-08-05 07:08:09
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
49179
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality P2P
Date
2014-07-31 10:07:26
IP
31.40.6.40
Domain
69.195.140.124:9674 Active
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Bot Version
Network 3
Port
1338
Threat
1
Destination Port
9674
Type
P2P UDP
Access Count
1
Botnet
Sality
Date
2014-07-31 09:07:16
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
1953
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-07-27 03:07:15
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
49256
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-07-25 08:07:56
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
1203
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-07-20 09:07:32
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
49402
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-07-18 04:07:15
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
1268
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-07-10 07:07:21
IP
31.40.6.40
Domain
hzmksreiuojy.biz
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/ldr.php
OS
Other
Browser
Other
Port
1168
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-06-29 03:06:59
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
49219
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-06-27 09:06:54
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
1239
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-06-23 11:06:27
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
49190
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-06-22 04:06:43
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
60640
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-06-21 10:06:33
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
50002
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-06-20 08:06:52
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
49469
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-06-08 03:06:15
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
4439
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-06-04 01:06:21
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
2192
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-05-31 05:05:31
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
1817
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-05-28 07:05:42
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
49432
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality
Date
2014-05-21 06:05:46
IP
31.40.6.40
Domain
ygiudewsqhct.in
User Agent
Mozilla/4.0
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/in.php
OS
Other
Browser
Other
Port
49354
Threat
1
Destination Port
80
Type
HTTP
Access Count
1
Botnet
Sality P2P
Date
2014-05-10 05:05:16
IP
31.40.6.40
Domain
69.195.140.124:9674 Active
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Bot Version
Network 3
Port
1261
Threat
1
Destination Port
9674
Type
P2P UDP
Access Count
1
Botnet
Bamital
Date
2014-01-28 08:01:58
IP
31.40.6.40
Domain
cdd3ff24c7f620244216a6de9ce62668.cz.cc
User Agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/message.php?subid=2418&br=IE_6.00&os=12&flg=8&id=501B83CE6E0C9A0EA6BE6AE5E795B7A6&ad=&ver=_if20
OS
Windows XP
Browser
IE 7.0
Port
1663
Threat
1
Type
HTTP
Access Count
1
Botnet
Sality
Date
2013-12-15 07:12:51
IP
31.40.6.40
Domain
noralvasanchez.com
User Agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.1.50700)
Country
Iran, Islamic Republic of
Organization
Mehr Ava Gostar Parsian Information Engineering Co
ISP
Mehr Ava Gostar Parsian Information Engineering Co
ASN
AS56703 Mehr Ava Gostar Parsian Information Engineering Co.ltd
Latitude
28.5168
Longitude
53.2773
Request Path
/s.jpg?43ae2=1663308
OS
Windows XP
Browser
IE 7.0
Port
1139
Threat
1
Destination Port
80
Type
HTTP
Access Count
1