Overview

URL owl.li/fxpD30nv4ld
IP 54.183.132.164
ASN AS16509 Amazon.com, Inc.
Location United States
Report completed 2019-02-16 08:25:34 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-02-16 2 owl.li/fxpD30nv4ld Phishing
2019-02-16 2 ow.ly/fxpD30nv4ld Phishing
2019-02-16 2 clickmetertracking.com/cu78 Phishing
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 54.183.132.164

Date UQ / IDS / BL URL IP
2019-06-21 17:39:48 +0200 0 - 0 - 1 owl.li/TOWO30oUKq5#1UACfDDPYIuO3yOcw9 54.183.132.164
2019-06-09 16:20:46 +0200 0 - 0 - 1 ow.ly/TUb630n09dd 54.183.132.164
2019-06-09 15:44:05 +0200 0 - 0 - 3 owl.li/CNLu30mdwcF 54.183.132.164
2019-06-05 11:44:33 +0200 0 - 0 - 0 ht.ly/meBQ30oSMIh#VrE7HAmduAGwXMctut62 54.183.132.164
2019-05-30 15:36:25 +0200 0 - 0 - 1 ht.ly/sbQh30oPU1E 54.183.132.164
2019-05-23 21:52:06 +0200 0 - 0 - 1 ow.ly/S9z930jL0MT 54.183.132.164
2019-05-13 18:18:52 +0200 0 - 3 - 0 ow.ly/mAE630oIANi 54.183.132.164
2019-05-12 07:59:27 +0200 0 - 0 - 2 ht.ly/hAem30oHqN0 54.183.132.164
2019-05-07 05:35:22 +0200 0 - 0 - 1 ow.ly/MYF830owPnA 54.183.132.164
2019-05-05 14:44:23 +0200 0 - 0 - 2 htl.li/YoMr30nxY0Q 54.183.132.164

Last 10 reports on ASN: AS16509 Amazon.com, Inc.

Date UQ / IDS / BL URL IP
2019-07-01 11:19:16 +0200 0 - 0 - 0 https://www.goodreads.com/videos/151825-ginuiae 54.239.26.220
2019-07-01 09:38:28 +0200 0 - 0 - 0 https://www.deviantart.com/streaming201/journ (...) 54.230.231.64
2019-07-01 09:29:28 +0200 0 - 0 - 0 https://www.deviantart.com/streaming201/journ (...) 54.230.231.52
2019-07-01 07:35:45 +0200 0 - 0 - 0 https://www.deviantart.com/uhdmovies/art/VOIR (...) 54.230.231.52
2019-07-01 07:34:48 +0200 0 - 0 - 0 https://www.deviantart.com/uhdmovies/art/Spid (...) 54.230.231.53
2019-07-01 06:51:24 +0200 0 - 0 - 0 t1200.jp 52.69.157.111
2019-07-01 05:48:05 +0200 0 - 0 - 0 https://www.deviantart.com/uhdmovies/art/REGA (...) 54.230.231.64
2019-07-01 04:41:18 +0200 0 - 0 - 0 https://www.deviantart.com/uhdmovies/art/VOIR (...) 54.230.231.64
2019-07-01 04:16:05 +0200 0 - 0 - 0 https://www.deviantart.com/uhdmovies/art/ReGA (...) 54.230.231.59
2019-07-01 03:51:30 +0200 0 - 0 - 0 redmine.gpf-info.com 54.64.158.31

Last 10 reports on domain: owl.li

Date UQ / IDS / BL URL IP
2019-06-21 17:39:48 +0200 0 - 0 - 1 owl.li/TOWO30oUKq5#1UACfDDPYIuO3yOcw9 54.183.132.164
2019-06-20 05:46:55 +0200 0 - 0 - 1 owl.li/C5pb30oYdaZ 54.67.120.65
2019-06-10 16:02:51 +0200 0 - 0 - 1 owl.li/QESCE 54.67.57.56
2019-06-09 16:22:15 +0200 0 - 0 - 2 owl.li/TUb630n09dd 54.183.130.144
2019-06-09 16:13:25 +0200 0 - 0 - 2 owl.li/Q0Dl30mWcFf 54.183.130.144
2019-06-09 16:04:19 +0200 0 - 0 - 2 owl.li/kRSo30n0d0z 54.183.131.91
2019-06-09 15:44:05 +0200 0 - 0 - 3 owl.li/CNLu30mdwcF 54.183.132.164
2019-06-09 15:25:39 +0200 0 - 0 - 3 owl.li/2xHi30mbX6o 54.67.62.204
2019-05-31 00:38:38 +0200 0 - 0 - 5 owl.li/RhUa30m2CXA 54.67.62.204
2019-05-22 23:21:31 +0200 0 - 0 - 0 owl.li/eCfo30oNLYF#iE76HDuEnutE52ntxPlIfKaDVo (...) 54.67.120.65


JavaScript

Executed Scripts (3)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (10)


Request Response
                                        
GET /fxpD30nv4ld HTTP/1.1
Host: owl.li
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
54.183.132.164
HTTP/1.1 301 Moved Permanently
Location: http://ow.ly/fxpD30nv4ld
Connection: close
Content-Length: 0


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
GET /fxpD30nv4ld HTTP/1.1
Host: ow.ly
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
54.67.57.56
HTTP/1.1 301 Moved Permanently
Location: http://clickmetertracking.com/cu78
Connection: close
Content-Length: 0


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
GET /cu78 HTTP/1.1
Host: clickmetertracking.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
54.225.212.76
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Sat, 16 Feb 2019 07:25:02 GMT
Engine: clickmeter.redirect, version 2.0
X-Rate-Limit-Limit: 20s
X-Rate-Limit-Remaining: 299
X-Rate-Limit-Reset: 2019-02-16T07:25:22.8288300Z
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1339
Md5:    ec0c1e8da4e9ea0fd4e36aa8bfae3aff
Sha1:   9eae14fed4710856f2cc533fc386a325d5867e63
Sha256: ce6149d96b72794f21142347af61aff3b8e6c2ede2015798a87b97ba8f3d3e38

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=102288
Date: Sat, 16 Feb 2019 07:25:03 GMT
Etag: "5c6688fa-1d7"
Expires: Sun, 17 Feb 2019 11:49:51 GMT
Last-Modified: Fri, 15 Feb 2019 09:40:10 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    54e1e41e6d9d631e1be25eb4accde0ff
Sha1:   bcc19863bd93fc72cbd689abcaa35a30112ae177
Sha256: 715177f0b99a4ce6d98f102657c9063a7fedf0f5e5331e8bf8b032e4c0dbe99f
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=159713
Date: Sat, 16 Feb 2019 07:25:03 GMT
Etag: "5c6767b9-1d7"
Expires: Mon, 18 Feb 2019 03:46:56 GMT
Last-Modified: Sat, 16 Feb 2019 01:30:33 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    dc0a956148524c8d9bff5e9a76a45546
Sha1:   395a4f4d698aaffcf299c249ed051c14b2ffe980
Sha256: 9183c9b926539241637e025678ef98f6951297889738ef8471e5e277808ec30c
                                        
POST / HTTP/1.1
Host: s.symcd.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
23.52.27.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx/1.12.2
Content-Length: 1754
Content-Transfer-Encoding: binary
Cache-Control: max-age=422473, public, no-transform, must-revalidate
Last-Modified: Thu, 14 Feb 2019 04:45:13 GMT
Expires: Thu, 21 Feb 2019 04:45:13 GMT
Date: Sat, 16 Feb 2019 07:25:03 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1754
Md5:    a711b2f756e03611d570f65fd8491181
Sha1:   7bdb8c0a80d5b81ac55617fec50a18738ac7b99c
Sha256: f89074681eb5ef3749c6601df8007fc7659f821d0f98af9e8aa08142b23345b7
                                        
GET /redirect-cm/v1/content/styles/nprogress.css HTTP/1.1
Host: d19nyn3hrzs6lg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clickmetertracking.com/cu78

                                         
143.204.51.29
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 1531
Connection: keep-alive
Date: Wed, 25 Jul 2018 16:48:25 GMT
Last-Modified: Tue, 09 Aug 2016 14:27:00 GMT
Etag: "b860fa714a808e442b01396841a89622"
Accept-Ranges: bytes
Server: AmazonS3
Age: 26189
X-Cache: Hit from cloudfront
Via: 1.1 f079cf7999e97a7d962121c7aebf2c3c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Z_VoukDSDzjDKXwulNHODQVp6S5N7BF3jzaECcOPzl1zu8VkJFgYlg==


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) C program text, with CRLF line terminators
Size:   1531
Md5:    b860fa714a808e442b01396841a89622
Sha1:   8c9363a06d6dc29f7acd833d545aaea3a832fd34
Sha256: b324a27797d093617e6286d9ded96782d741b40576bdb97d9b22d8bbf6ff2970
                                        
GET /redirect-cm/v1/content/scripts/nprogress.js HTTP/1.1
Host: d19nyn3hrzs6lg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clickmetertracking.com/cu78

                                         
143.204.51.29
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 14234
Connection: keep-alive
Date: Wed, 25 Jul 2018 16:48:25 GMT
Last-Modified: Tue, 09 Aug 2016 14:26:59 GMT
Etag: "becc90ab00d3bb994ff072c30c4735c0"
Accept-Ranges: bytes
Server: AmazonS3
Age: 26189
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: uy2yFYNZmyDmfNDEA686B5DFewvBNTmkEd6mBwa-gaGyTV6_GXLBbQ==


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) C program text, with CRLF line terminators
Size:   14234
Md5:    becc90ab00d3bb994ff072c30c4735c0
Sha1:   1d38889b9c19374097df0f43431a36a7bb90f7a0
Sha256: 7e97780ee4f0eff1a73d22ae6623054986ff2b7f45fea8f71a03f28f7090a81b
                                        
GET /favicon.ico HTTP/1.1
Host: clickmetertracking.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
54.225.212.76
HTTP/1.1 200 OK
Content-Type: image/x-icon
Accept-Ranges: bytes
Date: Sat, 16 Feb 2019 07:25:05 GMT
Etag: "1cfb7cdbb902f0a"
Last-Modified: Thu, 14 Aug 2014 14:40:46 GMT
X-Rate-Limit-Limit: 20s
X-Rate-Limit-Remaining: 298
X-Rate-Limit-Reset: 2019-02-16T07:25:22.8288300Z
Content-Length: 1034
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGBA, non-interlaced
Size:   1034
Md5:    9f73346515bbc6c406cfeea13c7304f0
Sha1:   66729b396d3082002e0b512aff3fc78a744bc3c2
Sha256: 90b3e6e1c6a8cda9bbae08d4262d5079cb6a93ca3e273b681552692ad465b5f0
                                        
GET /adobe/nsw/data HTTP/1.1
Host: fatouma.in.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clickmetertracking.com/cu78

                                         
                                         0.0.0.0
                                        


--- Additional Info ---