Overview

URL: wd4o.com/guh.exe
IP: 74.206.232.234
ASN: AS27257 Webair Internet Development Company Inc.
Location: United States
Report completed: 2019-05-21 23:08:52 CEST
urlquery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Pool:
Access Level:


Intrusion Detection Systems

Suricata /w Emerging Threats Pro: No alerts detected


Blacklists

MDL: No alerts detected
OpenPhish: No alerts detected
PhishTank: No alerts detected

Fortinet's Web Filter
  Added / Verified   Severity   Host               Comment
  2019-05-21         2          wd4o.com/guh.exe   Malware
  2019-05-21         2          wd4o.com/          Malware
  2019-05-21         2          wd4o.com/          Malware

DNS-BH: No alerts detected

mnemonic secure dns
  Added / Verified   Severity   Host       Comment
  2019-05-21         2          wd4o.com   Blacklisted
  2019-05-21         2          wd4o.com   Blacklisted
  2019-05-21         2          wd4o.com   Blacklisted
  2019-05-21         2          wd4o.com   Blacklisted
  2019-05-21         2          wd4o.com   Blacklisted
  2019-05-21         2          wd4o.com   Blacklisted
  2019-05-21         2          wd4o.com   Blacklisted


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 74.206.232.234

Date                       UQ / IDS / BL   URL                                          IP
2019-06-10 15:23:44 +0200  0 - 0 - 1       eucontotudo.com/data/Validation              74.206.232.234
2019-06-10 15:06:03 +0200  0 - 0 - 3       cpvsimplebusiness.com/ztt                    74.206.232.234
2019-06-10 12:12:49 +0200  0 - 0 - 3       duanvinhomeshanoi.net/0mkhedrp/com/business  74.206.232.234
2019-06-10 09:28:38 +0200  0 - 0 - 2       hlfjgurbaln.com/                             74.206.232.234
2019-06-10 01:40:44 +0200  0 - 1 - 0       p1-dev.com/                                  74.206.232.234
2019-06-09 14:12:54 +0200  0 - 0 - 14      dhm-mhn.com/sunday/htasepblater.hta          74.206.232.234
2019-06-09 14:12:51 +0200  0 - 0 - 13      dhm-mhn.com/ifeoma/htadb2.hta                74.206.232.234
2019-06-09 14:12:50 +0200  0 - 0 - 13      dhm-mhn.com/ifeoma/htabl.hta                 74.206.232.234
2019-06-09 14:12:49 +0200  0 - 0 - 14      dhm-mhn.com/sunday/htasidney.hta             74.206.232.234
2019-06-09 14:12:47 +0200  0 - 1 - 10      dhm-mhn.com/personal/htaanyi.hta             74.206.232.234

Last 10 reports on ASN: AS27257 Webair Internet Development Company Inc.

Date                       UQ / IDS / BL   URL                                                 IP
2019-07-01 09:20:14 +0200  0 - 0 - 0       ladsblue.com                                        198.134.112.243
2019-06-30 17:07:04 +0200  0 - 0 - 0       vidsdelivery.com                                    198.134.112.244
2019-06-30 17:00:20 +0200  0 - 0 - 0       7hu8e1u001.com                                      198.134.112.241
2019-06-30 05:29:12 +0200  0 - 0 - 0       https://newaprads.com/vjrncnd0i                     198.134.112.241
2019-06-30 00:50:03 +0200  0 - 0 - 0       ladsblue.com                                        198.134.112.243
2019-06-30 00:44:10 +0200  0 - 0 - 0       pl12574102.puhtml.com/80/3f/af/803fafcd69c706 (...) 198.134.112.244
2019-06-27 15:06:52 +0200  0 - 0 - 0       exi8ef83z9.com                                      198.134.112.243
2019-06-27 13:13:46 +0200  0 - 0 - 0       https://mob.kaipirinhaloka.xyz/redirect?feed= (...) 198.134.116.30
2019-06-27 08:45:13 +0200  0 - 0 - 1       uod2quk646.com                                      198.134.112.241
2019-06-27 05:48:26 +0200  0 - 0 - 0       class2deal.com                                      198.134.112.242

Last 10 reports on domain: wd4o.com

Date                       UQ / IDS / BL   URL                     IP
2019-06-07 10:17:54 +0200  0 - 0 - 10      wd4o.com/rfsc27382.exe  74.206.232.234
2019-06-06 07:54:58 +0200  0 - 1 - 10      wd4o.com/guh.exe        74.206.232.234
2019-06-05 23:23:48 +0200  0 - 1 - 10      wd4o.com/bn.exe         74.206.232.234
2019-06-05 12:24:03 +0200  0 - 1 - 10      wd4o.com/bn.exe         74.206.232.234
2019-05-30 02:49:36 +0200  0 - 1 - 10      wd4o.com/bn.exe         74.206.232.234
2019-05-27 09:28:01 +0200  0 - 0 - 10      wd4o.com/fsrf.exe       74.206.232.234
2019-05-27 03:45:58 +0200  0 - 1 - 10      wd4o.com/csd.exe        74.206.232.234
2019-05-23 17:47:47 +0200  0 - 0 - 14      wd4o.com/rfkl4532.exe   74.206.232.234
2019-05-21 01:32:53 +0200  0 - 1 - 10      wd4o.com/bn.exe         74.206.232.234
2019-05-15 17:20:25 +0200  0 - 0 - 10      wd4o.com/fsrf.exe       74.206.232.234


JavaScript

Executed Scripts (3)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (18)


Request:
GET /guh.exe HTTP/1.1
Host: wd4o.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response from 74.206.232.234:
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Server: nginx
Date: Tue, 21 May 2019 21:08:19 GMT
Content-Length: 154
Connection: keep-alive
Location: http://wd4o.com/

--- Additional Info ---
Magic:  HTML document text
Size:   154
Md5:    cfbeaf604823f038b8b46f0ac862b98c
Sha1:   7b9eb1dac48e74fa5f418bc456cb410f88b81d98
Sha256: 20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted

Request:
GET / HTTP/1.1
Host: wd4o.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response from 74.206.232.234:
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
Server: nginx
Date: Tue, 21 May 2019 21:08:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   422
Md5:    ae56af4a2f0c21f44cfa9b5f8d56d1d8
Sha1:   c7488dde2f1efe3c0799a9d1933f910f3f5f1463
Sha256: 346a032124395bdda9fcb1364955b06c0294928d3682e0c0f9fdb9eb7af5d386

Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted

Request:
GET /favicon.ico HTTP/1.1
Host: wd4o.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response from 74.206.232.234:
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: nginx
Date: Tue, 21 May 2019 21:08:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   125
Md5:    239540730a71a3ab34f1c0f1f87ae03e
Sha1:   4fd8d8975e2d3404e8ac5e2721c1b647ae65d59c
Sha256: 36d5cec09fddadf8132407e8f8c56956c85367dc3d598a1531214a55cca6b368

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

Request:
POST / HTTP/1.1
Host: wd4o.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://wd4o.com/

Response from 74.206.232.234:
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
Server: nginx
Date: Tue, 21 May 2019 21:08:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ipc=eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjg3LCJmZWVkSWQiOjYxLCJ0cyI6MTU1ODQ3MjkwMCwiaGFzaCI6IjcxNmJhMmY1In0=;Expires=Tue, 21-May-2019 22:08:20 GMT;Max-Age=3600
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip

--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   300
Md5:    e8fa97c1ce45b374ae3993951647dfac
Sha1:   3086908e52a77b5729ec007a50f70371ab70a6a8
Sha256: d70e5f123bf611fad967f674700996e73c968c6f34a393de243cbd977f232390

Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted

Request:
GET /favicon.ico HTTP/1.1
Host: wd4o.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: ipc=eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjg3LCJmZWVkSWQiOjYxLCJ0cyI6MTU1ODQ3MjkwMCwiaGFzaCI6IjcxNmJhMmY1In0=

Response from 74.206.232.234:
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: nginx
Date: Tue, 21 May 2019 21:08:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   125
Md5:    239540730a71a3ab34f1c0f1f87ae03e
Sha1:   4fd8d8975e2d3404e8ac5e2721c1b647ae65d59c
Sha256: 36d5cec09fddadf8132407e8f8c56956c85367dc3d598a1531214a55cca6b368

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

Request:
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

Response from 143.204.51.153:
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=125329
Date: Tue, 21 May 2019 21:08:20 GMT
Etag: "5ce39d57-1d7"
Expires: Thu, 23 May 2019 07:57:09 GMT
Last-Modified: Tue, 21 May 2019 06:40:23 GMT
Server: ECS (phd/FD62)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c7.cloudfront.net (CloudFront)
X-Amz-Cf-Id: j5P8FwdfmFZNvS22P2szHWzaU6Mqe-JQyQdcQRCf1u447Vd20SL8cQ==

--- Additional Info ---
Magic:  data
Size:   471
Md5:    20cf97d32f55ec71ea8a7fe16fc92030
Sha1:   0af3938e7a36637a031c011a36cad83fbe9aeacc
Sha256: 64daa19d705c58d9ff3aedc5b5ba744c810d7ff13a180e62707da8917dbf520f

Request:
POST / HTTP/1.1
Host: ocsp.rootca1.amazontrust.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 118
Content-Type: application/ocsp-request

Response from 143.204.51.148:
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1426
Connection: keep-alive
Date: Tue, 21 May 2019 21:08:21 GMT
Server: WEBrick/1.3.1 (Ruby/2.3.8/2018-10-18)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Id: ZA30-nE_ACaPvMhdlpCL53mV_JYgJ1d3ivd0dwKVYv0H40hdtnOvCw==

--- Additional Info ---
Magic:  data
Size:   1426
Md5:    5d7c96d0c4f6a75cb14ae1e4f7e53ca1
Sha1:   dada0e54294c6671435084071e90e2e54ab21b37
Sha256: 42846330900e701b403db81e8c9028741a584c99abaf24e15dbaea2565315adc

Request:
GET /tr?id=01eebee937ef8907bd4a146815cdb2f1ddc3fef3af.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1OWMyNjMwYTU4NTg4ZGNmMDNkZTUzZmUiLCJ0cyI6IjA1MjEyMTA4IiwiZCI6IndkNG8uY29tIn0.hSAstsHpe4QumG3k2b5mprUqJnQAF7MIXtTzOdNZtVE HTTP/1.1
Host: gmn.runtnc.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://wd4o.com/

Response from 54.85.168.127:
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Tue, 21 May 2019 21:08:21 GMT
Content-Length: 2121
Connection: keep-alive
P3P: CP="CUR NOI NID STA STP"
X-Robots-Tag: noindex, nofollow
Set-Cookie: checkme=a287d5552468a8e74cd317fba3a5bf7eb789; Path=/

--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   2121
Md5:    6a524bfc243409b96255cfa6e4711534
Sha1:   5cbfba2df5a2e6560367034d5e94fc8c0d7bd135
Sha256: 5568812c74c5eccae44e581ff45fd6d39ce9c5bd54ba11efae66a52c739336a0

Request:
GET /trx?id=01eebee937ef8907bd4a146815cdb2f1ddc3fef3af.r&confirm=a287d5552468a8e74cd317fba3a5bf7e&size=886704&noframe=1&tnc_ref=http%3A%2F%2Fwd4o.com%2F&reftaken=feed&refEqual=true HTTP/1.1
Host: gmn.runtnc.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://gmn.runtnc.net/tr?id=01eebee937ef8907bd4a146815cdb2f1ddc3fef3af.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1OWMyNjMwYTU4NTg4ZGNmMDNkZTUzZmUiLCJ0cyI6IjA1MjEyMTA4IiwiZCI6IndkNG8uY29tIn0.hSAstsHpe4QumG3k2b5mprUqJnQAF7MIXtTzOdNZtVE
Cookie: checkme=a287d5552468a8e74cd317fba3a5bf7eb789

Response from 54.85.168.127:
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Tue, 21 May 2019 21:08:21 GMT
Content-Length: 164
Connection: keep-alive
P3P: CP="CUR NOI NID STA STP"
X-Robots-Tag: noindex, nofollow
Referrer-Policy: no-referrer

--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   164
Md5:    354f26bfb96140230ce9bd3785a356a7
Sha1:   bef8e76ec9567c925aa03212ede76e2d395a4d62
Sha256: 9d60104acdc419df4d55978e08bcc3f6fee2ae51329e28294b4cd2ad6aa4a84e

Request:
GET /favicon.ico HTTP/1.1
Host: gmn.runtnc.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: checkme=a287d5552468a8e74cd317fba3a5bf7eb789

Response from 54.85.168.127:
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Date: Tue, 21 May 2019 21:08:21 GMT
Content-Length: 150
Connection: keep-alive
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff

--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   150
Md5:    84241342d84ac29592a5d9516f8edf7f
Sha1:   03c53980e18e17625f439c20e7d438f066202428
Sha256: 6e21162bc64073fe9e3d3d6375ca24d04fed1912a5b7716aac0cb0f2d16fae7c

Request:
POST / HTTP/1.1
Host: ocsp.int-x3.letsencrypt.org
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

Response from 91.135.34.24:
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 527
Etag: "4FEE6D2C2CAAEF2BBBD2D832DA2AA8695DFF7D3F347EE029CDC54263169D6A58"
Last-Modified: Tue, 21 May 2019 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9214
Expires: Tue, 21 May 2019 23:41:56 GMT
Date: Tue, 21 May 2019 21:08:22 GMT
Connection: keep-alive

--- Additional Info ---
Magic:  data
Size:   527
Md5:    b72272f76d2d2d35c7ffecdf56416261
Sha1:   fa266468f55e69f2b5c82e66e0c6c1bf2900a4f0
Sha256: 4fee6d2c2caaef2bbbd2d832da2aa8695dff7d3f347ee029cdc54263169d6a58

Request:
POST / HTTP/1.1
Host: isrg.trustid.ocsp.identrust.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

Response from 91.135.34.26:
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Content-Transfer-Encoding: Binary
Last-Modified: Sat, 18 May 2019 23:21:14 GMT
Etag: "53eb4eb526983d12f4d0e7d5d6f97583e4a83622"
Content-Length: 1398
Cache-Control: public, no-transform, must-revalidate, max-age=30550
Expires: Wed, 22 May 2019 05:37:32 GMT
Date: Tue, 21 May 2019 21:08:22 GMT
Connection: keep-alive

--- Additional Info ---
Magic:  data
Size:   1398
Md5:    a87123bd1d322afc5990a4ccce594576
Sha1:   53eb4eb526983d12f4d0e7d5d6f97583e4a83622
Sha256: 0b50c846dbb78c92885c681139cfa3da783969b6950912985a438080b0916303

Request:
GET /index.php?key=5hayseb94jkdvi463fc6&cpc=0.0092&sourceid=5ab35e9b651bae18c4058020&match=ron&carrier=wifi&mob_pf=windows&country=NO HTTP/1.1
Host: secure.clicktrkservices.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://gmn.runtnc.net/tr?id=01eebee937ef8907bd4a146815cdb2f1ddc3fef3af.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1OWMyNjMwYTU4NTg4ZGNmMDNkZTUzZmUiLCJ0cyI6IjA1MjEyMTA4IiwiZCI6IndkNG8uY29tIn0.hSAstsHpe4QumG3k2b5mprUqJnQAF7MIXtTzOdNZtVE

Response from 207.154.246.26:
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
Server: nginx/1.14.0
Date: Tue, 21 May 2019 21:08:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=y9tl7sktvr; expires=Wed, 22-May-2019 21:08:22 GMT; Max-Age=86400; path=/
Location: https://google-en.supersalegiveaways.club/v102102-en-A/index.php?isp=Broadnet%20AS&lpkey=15f8583e4792322c02&uclick=y9tl7sktvr
Strict-Transport-Security: max-age=31536000

--- Additional Info ---

Request:
GET /favicon.ico HTTP/1.1
Host: gmn.runtnc.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: checkme=a287d5552468a8e74cd317fba3a5bf7eb789

Response from 54.85.168.127:
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Date: Tue, 21 May 2019 21:08:22 GMT
Content-Length: 150
Connection: keep-alive
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff

--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   150
Md5:    84241342d84ac29592a5d9516f8edf7f
Sha1:   03c53980e18e17625f439c20e7d438f066202428
Sha256: 6e21162bc64073fe9e3d3d6375ca24d04fed1912a5b7716aac0cb0f2d16fae7c

Request:
GET /favicon.ico HTTP/1.1
Host: wd4o.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: ipc=eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjg3LCJmZWVkSWQiOjYxLCJ0cyI6MTU1ODQ3MjkwMCwiaGFzaCI6IjcxNmJhMmY1In0=

Response from 74.206.232.234:
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: nginx
Date: Tue, 21 May 2019 21:08:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   125
Md5:    239540730a71a3ab34f1c0f1f87ae03e
Sha1:   4fd8d8975e2d3404e8ac5e2721c1b647ae65d59c
Sha256: 36d5cec09fddadf8132407e8f8c56956c85367dc3d598a1531214a55cca6b368

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

Request:
GET /favicon.ico HTTP/1.1
Host: gmn.runtnc.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: checkme=a287d5552468a8e74cd317fba3a5bf7eb789

Response from 54.85.168.127:
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Date: Tue, 21 May 2019 21:08:23 GMT
Content-Length: 150
Connection: keep-alive
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff

--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   150
Md5:    84241342d84ac29592a5d9516f8edf7f
Sha1:   03c53980e18e17625f439c20e7d438f066202428
Sha256: 6e21162bc64073fe9e3d3d6375ca24d04fed1912a5b7716aac0cb0f2d16fae7c

Request:
GET /favicon.ico HTTP/1.1
Host: wd4o.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: ipc=eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjg3LCJmZWVkSWQiOjYxLCJ0cyI6MTU1ODQ3MjkwMCwiaGFzaCI6IjcxNmJhMmY1In0=

Response from 74.206.232.234:
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: nginx
Date: Tue, 21 May 2019 21:08:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   125
Md5:    239540730a71a3ab34f1c0f1f87ae03e
Sha1:   4fd8d8975e2d3404e8ac5e2721c1b647ae65d59c
Sha256: 36d5cec09fddadf8132407e8f8c56956c85367dc3d598a1531214a55cca6b368

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

Request:
GET /v102102-en-A/index.php?isp=Broadnet%20AS&lpkey=15f8583e4792322c02&uclick=y9tl7sktvr HTTP/1.1
Host: google-en.supersalegiveaways.club
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://gmn.runtnc.net/tr?id=01eebee937ef8907bd4a146815cdb2f1ddc3fef3af.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1OWMyNjMwYTU4NTg4ZGNmMDNkZTUzZmUiLCJ0cyI6IjA1MjEyMTA4IiwiZCI6IndkNG8uY29tIn0.hSAstsHpe4QumG3k2b5mprUqJnQAF7MIXtTzOdNZtVE

Response from 0.0.0.0:

--- Additional Info ---