Overview

URL: www.flyrlk.com/retarget?k=pub1c2f90b706a148ca8df9f288150a9398
IP: 104.31.68.218
ASN: AS13335 CloudFlare, Inc.
Location: United States
Report completed: 2017-09-14 09:54:45 CEST
urlQuery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata w/ Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified | Severity | Host | Comment
2017-09-14 | 2 | apwvx.adsbtrack.com/c/245d96912e3e4930 | Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 104.31.68.218

Date | UQ / IDS / BL | URL | IP
2017-09-19 01:23:18 +0200 | 0 - 0 - 1 | www.flyrlk.com/retarget?k=pub5bb9dda02a914fc8 (...) | 104.31.68.218
2017-09-18 21:07:10 +0200 | 0 - 0 - 1 | www.flyrlk.com/retarget?k=pubabe8f9c352a642e2 (...) | 104.31.68.218
2017-09-17 09:54:11 +0200 | 0 - 0 - 1 | www.flyrlk.com/retarget?k=pub7ee0635733cd43d7 (...) | 104.31.68.218
2017-09-16 22:21:42 +0200 | 0 - 0 - 1 | www.flyrlk.com/retarget?k=pub60b6a30a634a4392 (...) | 104.31.68.218
2017-09-16 16:43:45 +0200 | 0 - 0 - 1 | www.flyrlk.com/retarget?k=pub4fc57506c0da416a (...) | 104.31.68.218
2017-09-15 21:43:50 +0200 | 0 - 0 - 1 | www.flyrlk.com/retarget?k=pub37d79ccc84c54d29 (...) | 104.31.68.218
2017-09-15 19:56:17 +0200 | 0 - 0 - 1 | www.flyrlk.com/retarget?k=pub1fbd3f94e12441f4 (...) | 104.31.68.218
2017-09-15 19:56:13 +0200 | 0 - 0 - 1 | www.flyrlk.com/retarget?k=pub60912ab61eaf4b69 (...) | 104.31.68.218
2017-09-14 10:04:12 +0200 | 0 - 0 - 1 | www.flyrlk.com/retarget?k=pubf8a76a32c3c84624 (...) | 104.31.68.218
2017-09-13 17:56:47 +0200 | 0 - 0 - 2 | www.flyrlk.com/retarget?k=pubb34baac473fe42fb (...) | 104.31.68.218

Last 10 reports on ASN: AS13335 CloudFlare, Inc.

Date | UQ / IDS / BL | URL | IP
2017-09-19 15:31:37 +0200 | 4 - 0 - 0 | decathlon.com-money.co/it-it/ | 104.27.130.12
2017-09-19 15:28:34 +0200 | 0 - 0 - 0 | 104.18.55.167 | 104.18.55.167
2017-09-19 15:28:29 +0200 | 0 - 0 - 0 | https://tinyurl.com/y9fzgxc9 | 104.20.219.42
2017-09-19 15:28:02 +0200 | 0 - 0 - 0 | https://pastebin.com/raw/fnqya610 | 104.20.208.21
2017-09-19 15:25:47 +0200 | 0 - 0 - 1 | www.clip4sale.co/ | 104.24.101.157
2017-09-19 15:24:29 +0200 | 0 - 0 - 0 | snip.ly/l82h8 | 104.25.85.12
2017-09-19 15:24:19 +0200 | 0 - 0 - 1 | www.hotvnn.com/2011/12/clip-tre-trau-lam-tinh (...) | 104.28.0.114
2017-09-19 15:23:00 +0200 | 4 - 0 - 0 | hm.com-cheap.com | 104.31.87.104
2017-09-19 15:22:39 +0200 | 0 - 0 - 0 | https://exchange.xforce.ibmcloud.com | 104.16.55.23
2017-09-19 15:22:26 +0200 | 0 - 0 - 2 | https://cfsprosclients.com | 104.25.174.25

No other reports on domain: flyrlk.com



JavaScript

Executed Scripts (1)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (10)


Request Response
                                        
GET /retarget?k=pub1c2f90b706a148ca8df9f288150a9398 HTTP/1.1
Host: www.flyrlk.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
104.31.69.218
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Thu, 14 Sep 2017 07:54:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dd8ad6c9b8bd3a273ceadb7bfb6383b3c1505375652; expires=Fri, 14-Sep-18 07:54:12 GMT; path=/; domain=.flyrlk.com; HttpOnly
Content-Language: en
Vary: Accept-Language,Cookie
X-Frame-Options: SAMEORIGIN
Server: cloudflare-nginx
CF-RAY: 39e1c6e697e142af-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   467
Md5:    87e6f24aa74109ae6f98d684204c4fc1
Sha1:   90d3a88b0877ca4e061fe89efffb35f555b026e8
Sha256: c5878f2c87d2d24978b66b7494f7cb26306e885d09214671a9e06a788f47019b
                                        
GET /favicon.ico HTTP/1.1
Host: www.flyrlk.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dd8ad6c9b8bd3a273ceadb7bfb6383b3c1505375652

                                         
104.31.69.218
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Date: Thu, 14 Sep 2017 07:54:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Language: en
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: EXPIRED
Server: cloudflare-nginx
CF-RAY: 39e1c6e7701242af-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   170
Md5:    ea23b8d94368b86676230e89ec26ed9c
Sha1:   397b94b0e29486814bde56a93428e9b4ee9a6515
Sha256: da02c2fc72e6c1e080bf7f26d62f2115a169cb8e13e536a78b0961df9972653c
                                        
POST / HTTP/1.1
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 14 Sep 2017 07:54:13 GMT
Server: Apache
Last-Modified: Thu, 14 Sep 2017 04:05:54 GMT
Expires: Thu, 21 Sep 2017 04:05:54 GMT
Etag: 6A87581FFE4E5297A7209261402A027BDCE40BA5
Cache-Control: max-age=590500,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp31
Content-Length: 279
Connection: close


--- Additional Info ---
Magic:  data
Size:   279
Md5:    8ab1953252063689fd956834b5071d21
Sha1:   6a87581ffe4e5297a7209261402a027bdce40ba5
Sha256: 6364c44c1d4ac44d680c29d59960fe65a54d409c73d949aa2f3ed670dda97f5b
                                        
GET /?s1=pub1c2f90b706a148ca8df9f288150a9398&pub=5b1fe564_18522_ HTTP/1.1
Host: 79on.kide.gdn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.flyrlk.com/retarget?k=pub1c2f90b706a148ca8df9f288150a9398

                                         
198.255.32.244
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Server: openresty/1.11.2.2
Date: Thu, 14 Sep 2017 07:54:13 GMT
Content-Length: 191
Connection: keep-alive
Location: http://apwvx.adsbtrack.com/c/245d96912e3e4930


--- Additional Info ---
Magic:  HTML document text
Size:   191
Md5:    dbcd71d122507bb85f10b7da5f648963
Sha1:   51bf8d3d74a71feef1a13121ccc03549b309bab5
Sha256: 592952642db0bb5fbdffeb1f1481224b91230684ca5c0c044fe1c30a2941753d
                                        
POST / HTTP/1.1
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 14 Sep 2017 07:54:13 GMT
Server: Apache
Last-Modified: Mon, 11 Sep 2017 21:19:01 GMT
Expires: Mon, 18 Sep 2017 21:19:01 GMT
Etag: C9A884D93E4B996BF11A0272A62C45D7B41EAF15
Cache-Control: max-age=393287,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp31
Content-Length: 312
Connection: close


--- Additional Info ---
Magic:  data
Size:   312
Md5:    f0c2dcca1c41639b6c93d96a7f6e374f
Sha1:   c9a884d93e4b996bf11a0272a62c45d7b41eaf15
Sha256: f67438d81aa4a35aaf2d67ba2956d1a3f4fe3bb74f54be473fef2228358de918
                                        
GET /c/245d96912e3e4930 HTTP/1.1
Host: apwvx.adsbtrack.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.flyrlk.com/retarget?k=pub1c2f90b706a148ca8df9f288150a9398

                                         
52.211.95.198
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: nginx
Date: Thu, 14 Sep 2017 08:01:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: unique_283722=unique_283722; expires=Fri, 15-Sep-2017 07:54:13 GMT; Max-Age=86400; path=/ unique_id=59ba35a586650100852108; expires=Fri, 15-Sep-2017 07:54:13 GMT; Max-Age=86400; path=/ unique_283722=unique_283722; expires=Fri, 15-Sep-2017 07:54:13 GMT; Max-Age=86400; path=/ unique_id=59ba35a586650100852108; expires=Fri, 15-Sep-2017 07:54:13 GMT; Max-Age=86400; path=/
X-Powered-By: PHP/7.0.18
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1527
Md5:    b8c6ce176694ee3d842854c4efa19d3a
Sha1:   5457edbba786d3ba528a93b898bcc228de7975df
Sha256: 7bd5c66839aefd376265b0cd0e841ee3c8ca7af1c2dc4a9abe789a4fb4dcf442

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /favicon.ico HTTP/1.1
Host: www.flyrlk.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dd8ad6c9b8bd3a273ceadb7bfb6383b3c1505375652

                                         
104.31.69.218
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Date: Thu, 14 Sep 2017 07:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Language: en
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Server: cloudflare-nginx
CF-RAY: 39e1c6fbb45342af-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   170
Md5:    ea23b8d94368b86676230e89ec26ed9c
Sha1:   397b94b0e29486814bde56a93428e9b4ee9a6515
Sha256: da02c2fc72e6c1e080bf7f26d62f2115a169cb8e13e536a78b0961df9972653c
                                        
POST / HTTP/1.1
Host: ss.symcd.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx/1.10.2
Content-Length: 1609
Content-Transfer-Encoding: binary
Cache-Control: max-age=391214, public, no-transform, must-revalidate
Last-Modified: Mon, 11 Sep 2017 20:32:49 GMT
Expires: Mon, 18 Sep 2017 20:32:49 GMT
Date: Thu, 14 Sep 2017 07:54:16 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1609
Md5:    145dd61bb379b95ee9242d3efaa67687
Sha1:   381e9b7fb920553fa3da17dd7d3a3b84bc7303e6
Sha256: 009c946a69fb5a66ef466df2a1c61e1fe023d205937e56c1cc36b2dbe5434eac
                                        
GET /images/jump-favicon.ico HTTP/1.1
Host: cdn-def.akamaized.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
195.159.219.16
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
Server: nginx
Content-Length: 1150
Last-Modified: Thu, 04 Dec 2014 12:51:55 GMT
Etag: "47e-509636cd61618"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Thu, 21 Sep 2017 07:54:16 GMT
Date: Thu, 14 Sep 2017 07:54:16 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   1150
Md5:    0952b9dfa1e4ebf0058592eee3302a73
Sha1:   097850b34d43b1d9557d1c67e144f86679a84be6
Sha256: dedda483c1ee58da9fb3d6f9f9ba972db18d893554a53673a32221bb3d93a701
                                        
GET /rev.jpg HTTP/1.1
Host: blank.addlnk.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
104.18.46.192
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Thu, 14 Sep 2017 07:54:16 GMT
Content-Length: 7511
Connection: keep-alive
Set-Cookie: __cfduid=dfede77b846cb7444825c5469365a26d41505375656; expires=Fri, 14-Sep-18 07:54:16 GMT; path=/; domain=.addlnk.com; HttpOnly
x-amz-id-2: frOV6zT3TkT1N6SHdUJKMi+2z5yHmyl9vx89xrciprMALsm4maYftGpBHPmWIfmZi3b/vrVhOH0=
x-amz-request-id: F6509B3013F54107
Last-Modified: Fri, 17 Feb 2017 19:41:55 GMT
Etag: "c4cb57ada641118c959dc4ba26fc2c01"
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Thu, 14 Sep 2017 11:54:16 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 39e1c6fd0be74273-OSL


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   7511
Md5:    c4cb57ada641118c959dc4ba26fc2c01
Sha1:   6a685048b8ac0aeae4efbf65295ed18680815606
Sha256: d90be3dd46276799d59e95e627c0697ca4138220393de3d2e934e644e79711d5