| securesentry.click/ct2nl8k.php?ad_type=inpage(deprecated)&auction_id=8815109719828618316&click_id=36MWvM_1TVgL7_dJwnskvja90_X3Z2AvdjA8C&cost=0.008631810764401013&creative_id=75806&key=ca5hms7j4ursa2wn90ch&skin_id=10&source_id=48315147&spot_id= | 109.206.176.79 | 302 Found | 0 B |
URL User Request GET HTTP/1.1securesentry.click/ct2nl8k.php?ad_type=inpage(deprecated)&auction_id=8815109719828618316&click_id=36MWvM_1TVgL7_dJwnskvja90_X3Z2AvdjA8C&cost=0.008631810764401013&creative_id=75806&key=ca5hms7j4ursa2wn90ch&skin_id=10&source_id=48315147&spot_id= IP109.206.176.79:443
CertificateIssuerLet's Encrypt Subjectsecuresentry.click FingerprintA9:C2:B2:E0:04:C5:81:4E:FC:1A:CF:8E:87:F8:A3:E7:65:2C:FD:5C ValidityMon, 25 Mar 2024 09:22:07 GMT - Sun, 23 Jun 2024 09:22:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ct2nl8k.php?ad_type=inpage(deprecated)&auction_id=8815109719828618316&click_id=36MWvM_1TVgL7_dJwnskvja90_X3Z2AvdjA8C&cost=0.008631810764401013&creative_id=75806&key=ca5hms7j4ursa2wn90ch&skin_id=10&source_id=48315147&spot_id= HTTP/1.1
Host: securesentry.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.24.0
Date: Sat, 04 May 2024 06:50:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Location: https://securesentry.click/ct2nl8k.php?ad_type=inpage(deprecated)&auction_id=8815109719828618316&click_id=36MWvM_1TVgL7_dJwnskvja90_X3Z2AvdjA8C&cost=0.008631810764401013&creative_id=75806&skin_id=10&source_id=48315147&spot_id=&key=z75jl3uadd4hfyu1isze
Strict-Transport-Security: max-age=31536000
|
|
| securesentry.click/ct2nl8k.php?ad_type=inpage(deprecated)&auction_id=8815109719828618316&click_id=36MWvM_1TVgL7_dJwnskvja90_X3Z2AvdjA8C&cost=0.008631810764401013&creative_id=75806&skin_id=10&source_id=48315147&spot_id=&key=z75jl3uadd4hfyu1isze | 109.206.176.79 | 302 Found | 0 B |
URL User Request GET HTTP/1.1securesentry.click/ct2nl8k.php?ad_type=inpage(deprecated)&auction_id=8815109719828618316&click_id=36MWvM_1TVgL7_dJwnskvja90_X3Z2AvdjA8C&cost=0.008631810764401013&creative_id=75806&skin_id=10&source_id=48315147&spot_id=&key=z75jl3uadd4hfyu1isze IP109.206.176.79:443
CertificateIssuerLet's Encrypt Subjectsecuresentry.click FingerprintA9:C2:B2:E0:04:C5:81:4E:FC:1A:CF:8E:87:F8:A3:E7:65:2C:FD:5C ValidityMon, 25 Mar 2024 09:22:07 GMT - Sun, 23 Jun 2024 09:22:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ct2nl8k.php?ad_type=inpage(deprecated)&auction_id=8815109719828618316&click_id=36MWvM_1TVgL7_dJwnskvja90_X3Z2AvdjA8C&cost=0.008631810764401013&creative_id=75806&skin_id=10&source_id=48315147&spot_id=&key=z75jl3uadd4hfyu1isze HTTP/1.1
Host: securesentry.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.24.0
Date: Sat, 04 May 2024 06:50:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Set-Cookie: uclick=fnxsfy1nvr; expires=Sun, 05-May-2024 06:50:43 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=fnxsfy1nvr-fnxsfy1nvr-g5tl-0-us520-c815fe-zwu33y-c06c88; expires=Sun, 05-May-2024 06:50:43 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://utilt-glo.streamdigitalworks.com/t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=c7a2efnxsfy1nvr184
Strict-Transport-Security: max-age=31536000
|
|
| utilt-glo.streamdigitalworks.com/t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=c7a2efnxsfy1nvr184 | 18.159.220.225 | 404 Not Found | 0 B |
URL User Request GET HTTP/1.1utilt-glo.streamdigitalworks.com/t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=c7a2efnxsfy1nvr184 IP18.159.220.225:80
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=c7a2efnxsfy1nvr184 HTTP/1.1
Host: utilt-glo.streamdigitalworks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sat, 04 May 2024 06:50:43 GMT
content-type: text/html; charset=utf-8
content-length: 0
server: nginx/1.14.2
cache-control: no-transform
x-frame-options: SAMEORIGIN
vary: Accept-Language, Cookie, Origin
content-language: en
set-cookie: ydt_89d1392973ad4570a8eb9e51cbfc5910="[]:1s39EJ:1Bg39UInquFyTRb9RVhC6xbJ6Lc"; expires=Mon, 03 Jun 2024 08:50:43 GMT; Max-Age=2599200; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
|
|
| utilt-glo.streamdigitalworks.com/t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=c7a2efnxsfy1nvr184 | 18.159.220.225 | 404 Not Found | 0 B |
URL User Request GET HTTP/1.1utilt-glo.streamdigitalworks.com/t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=c7a2efnxsfy1nvr184 IP18.159.220.225:80
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=c7a2efnxsfy1nvr184 HTTP/1.1
Host: utilt-glo.streamdigitalworks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Sat, 04 May 2024 06:50:43 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Server: nginx/1.14.2
Cache-Control: no-transform
X-Frame-Options: SAMEORIGIN
Vary: Accept-Language, Cookie, Origin
Content-Language: en
Set-Cookie: ydt_89d1392973ad4570a8eb9e51cbfc5910="[]:1s39EJ:1Bg39UInquFyTRb9RVhC6xbJ6Lc"; expires=Mon, 03 Jun 2024 08:50:43 GMT; Max-Age=2599200; Path=/; SameSite=None; Secure
|
|
| utilt-glo.streamdigitalworks.com/favicon.ico | 18.159.220.225 | 204 No Content | 0 B |
URL GET HTTP/1.1utilt-glo.streamdigitalworks.com/favicon.ico IP18.159.220.225:80
Requested byhttp://utilt-glo.streamdigitalworks.com/t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=c7a2efnxsfy1nvr184
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: utilt-glo.streamdigitalworks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://utilt-glo.streamdigitalworks.com/t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=c7a2efnxsfy1nvr184
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Sat, 04 May 2024 06:50:44 GMT
Connection: keep-alive
Server: nginx/1.14.2
|
|