Report - mcgroup.cl/

Report Overview

Submitted URL
mcgroup.cl/
IP
45.225.94.84
ASN
#263702 GRUPO ZGH SPA
Submitted
2024-05-08 06:24:59
Access
public
Website Title
mcgroup.cl/
Final URL
mcgroup.cl/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
glakaits.net	unknown	unknown	No data	No data	1.1 kB	7.7 kB	139.45.197.242
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-05-06	455 B	741 B	139.45.195.8
mcgroup.cl	unknown	unknown	No data	No data	880 B	931 B	45.225.94.84
inklinkor.com	unknown	2022-04-01	2022-04-01	2024-05-02	393 B	32 kB	172.67.211.29
wigrooglie.net	unknown	unknown	No data	No data	454 B	2.8 kB	139.45.197.242

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	inklinkor.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	mcgroup.cl/	193 B	2023-03-11	2024-05-08
Pretty URL mcgroup.cl/ IP 45.225.94.84 ASN #263702 GRUPO ZGH SPA Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-11 12:47:01 Last Seen2024-05-08 08:25:06 Times Seen2 Hash ab2ca2164957a1fe0bbc22b45fe94ade f28a3b8474400af10bc4943da6b58d22cc6f770e d5b9e393900afd3d59a4b75ef0b11c4094fc9583719d20804cdebe3ccaade1d0 Loading...

	inklinkor.com/tag.min.js	90 kB	2024-05-07	2024-05-08
Pretty URL inklinkor.com/tag.min.js IP 172.67.211.29 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 06:18:20 Last Seen2024-05-08 13:13:48 Times Seen53 Hash adb1154d25ea3c93d9fd4f621fc6683e 8c4aedc566b2d788823febd93692d84d511cc538 fbac7039a741589bf52c73a346760ee23c8a3c72f474a29a1dfd1496aa9effe3 Loading...

HTTP Transactions (6)

URL IP Response Size

mcgroup.cl/

45.225.94.84

200 OK

178 B

URL User Request GET HTTP/2
mcgroup.cl/
IP
45.225.94.84:443
ASN
#263702 GRUPO ZGH SPA

Certificate
IssuerLet's Encrypt
Subject*.mcgroup.cl
Fingerprint7F:46:0F:FA:B7:94:36:8E:04:D5:73:38:22:36:B4:98:CA:84:74:3F
ValidityTue, 02 Apr 2024 19:43:36 GMT - Mon, 01 Jul 2024 19:43:35 GMT

File type
JavaScript source, ASCII text
Size
178 B (178 bytes)
Hash
4bad93549dbb813674998fab3ddbeb64
f63edb0963f0bfe4e0767f615027a713a3fe37dd
d025e768a513a42e04fc97c6f82545e07ac6c82b0fc51cc98e853bcaa8c526cf

HTTP Headers

GET / HTTP/1.1
Host: mcgroup.cl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-mod-pagespeed: 1.13.35.2-0
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=0, no-cache, s-maxage=10
content-length: 178
content-type: text/html; charset=UTF-8
date: Wed, 08 May 2024 06:24:34 GMT
server: Apache
X-Firefox-Spdy: h2

inklinkor.com/tag.min.js

172.67.211.29

200 OK

30 kB

URL GET HTTP/2
inklinkor.com/tag.min.js
IP
172.67.211.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mcgroup.cl/
Certificate
IssuerGoogle Trust Services LLC
Subjectinklinkor.com
Fingerprint28:84:D7:8F:63:D7:99:15:D5:E8:2C:F5:74:62:0D:94:C1:0A:EF:95
ValidityWed, 17 Apr 2024 17:58:45 GMT - Tue, 16 Jul 2024 17:58:44 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (30530 bytes)
Hash
adb1154d25ea3c93d9fd4f621fc6683e
8c4aedc566b2d788823febd93692d84d511cc538
fbac7039a741589bf52c73a346760ee23c8a3c72f474a29a1dfd1496aa9effe3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mcgroup.cl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 06:24:35 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 070f825e09f0b96589abe8d4e016ecb0
cache-control: max-age=86400
last-modified: Tue, 07 May 2024 03:17:21 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Thu, 09 May 2024 05:56:01 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 1714
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=01te9K0zoeQ83nicGe4rAWS23Mu3h1VNaBq9aduDoF%2BX479nu2wd89jTK%2B9gCtUGFpgVvgAuF%2BQ5QNMmS8%2BSo5%2FezZL7VPk1eV1l8ZIfo5O%2B2rHgz8A%2FSZWSD5NsOaqc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88075e1f8d4f1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

wigrooglie.net/5/5327717/?oo=1&js_build=iclick-v1.788.10-auto

139.45.197.242

200 OK

1.5 kB

URL GET HTTP/2
wigrooglie.net/5/5327717/?oo=1&js_build=iclick-v1.788.10-auto
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://mcgroup.cl/
Certificate
IssuerLet's Encrypt
Subjectwigrooglie.net
FingerprintEF:4A:44:83:A9:78:0C:8F:85:B1:B3:3B:F0:A8:79:7A:1C:FE:39:3F
ValidityTue, 07 May 2024 00:49:13 GMT - Mon, 05 Aug 2024 00:49:12 GMT

File type
gzip compressed data, max speed, from Unix
Size
1.5 kB (1487 bytes)
Hash
f4d72ad6c9f9c4c6e26891ebde8527d0
bb835dd7f5dbd19d62ede705588a5e48db6c613e
101eb35dfe9d09db8c01545e4ce73d94511c26b0cf9166d8a2f4f805afe27f82

HTTP Headers

GET /5/5327717/?oo=1&js_build=iclick-v1.788.10-auto HTTP/1.1
Host: wigrooglie.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mcgroup.cl
DNT: 1
Connection: keep-alive
Referer: https://mcgroup.cl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:24:36 GMT
content-type: application/json
x-trace-id: 2117170b49769c675e3b082a4329b725
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://mcgroup.cl
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0080569294454154e05e205b15e1ee6b; expires=Thu, 08 May 2025 06:24:36 GMT; path=/; secure; SameSite=None
oaidts=1715149476; expires=Thu, 08 May 2025 06:24:36 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

glakaits.net/?rb=hH1Og8pQ-n39ADuwhIq5rfUjZi-7w_tMBNXEAZ_I01QS22_Lwx052MV1VblhL5rkilcdqSYe4bPNXaSoneAbhGXVdrintPKmUf8o210oswbuGIa25okVK9fGjef79HhJdKhYQptK_7vFvk_HhivMfIbXMd6kvkUk10GMkL8pdwMTYl78mTWtFuX-Ei1XmlLWDNcBSGaBjaHX4jHDuxQG9elyC0kdDk8C3xn0MZYjFTAJ1k4v0mZULnIf_kbZnnFSs0pbZQ%3D%3D&request_ab2=0&zoneid=5327717&js_build=iclick-v1.788.10-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fmcgroup.cl%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.10-auto&navlng=en-US&pnt=0&pnrc=0&bs=c01122b9-2c17-406a-afbf-b4627be0eb6f&wasm=1&userId=0080569294454154e05e205b15e1ee6b&m=link

139.45.197.242

200 OK

6.6 kB

URL GET HTTP/2
glakaits.net/?rb=hH1Og8pQ-n39ADuwhIq5rfUjZi-7w_tMBNXEAZ_I01QS22_Lwx052MV1VblhL5rkilcdqSYe4bPNXaSoneAbhGXVdrintPKmUf8o210oswbuGIa25okVK9fGjef79HhJdKhYQptK_7vFvk_HhivMfIbXMd6kvkUk10GMkL8pdwMTYl78mTWtFuX-Ei1XmlLWDNcBSGaBjaHX4jHDuxQG9elyC0kdDk8C3xn0MZYjFTAJ1k4v0mZULnIf_kbZnnFSs0pbZQ%3D%3D&request_ab2=0&zoneid=5327717&js_build=iclick-v1.788.10-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fmcgroup.cl%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.10-auto&navlng=en-US&pnt=0&pnrc=0&bs=c01122b9-2c17-406a-afbf-b4627be0eb6f&wasm=1&userId=0080569294454154e05e205b15e1ee6b&m=link
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://mcgroup.cl/
Certificate
IssuerLet's Encrypt
Subjectglakaits.net
Fingerprint1F:46:3E:C8:C5:6A:64:F5:29:66:0F:5C:6E:CD:48:77:10:EA:26:02
ValidityTue, 07 May 2024 18:52:12 GMT - Mon, 05 Aug 2024 18:52:11 GMT

File type
gzip compressed data, max speed, from Unix
Size
6.6 kB (6559 bytes)
Hash
7a03095df2be78bedf90c22e28d32c1b
210169354890d612c96dc05d2fdb613c251d85d3
f05af4ca63aa8c0eb041b6c575d0ff1eff7b42119b4cba333818ed0c5d445c6b

HTTP Headers

GET /?rb=hH1Og8pQ-n39ADuwhIq5rfUjZi-7w_tMBNXEAZ_I01QS22_Lwx052MV1VblhL5rkilcdqSYe4bPNXaSoneAbhGXVdrintPKmUf8o210oswbuGIa25okVK9fGjef79HhJdKhYQptK_7vFvk_HhivMfIbXMd6kvkUk10GMkL8pdwMTYl78mTWtFuX-Ei1XmlLWDNcBSGaBjaHX4jHDuxQG9elyC0kdDk8C3xn0MZYjFTAJ1k4v0mZULnIf_kbZnnFSs0pbZQ%3D%3D&request_ab2=0&zoneid=5327717&js_build=iclick-v1.788.10-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fmcgroup.cl%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.10-auto&navlng=en-US&pnt=0&pnrc=0&bs=c01122b9-2c17-406a-afbf-b4627be0eb6f&wasm=1&userId=0080569294454154e05e205b15e1ee6b&m=link HTTP/1.1
Host: glakaits.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mcgroup.cl/
Origin: https://mcgroup.cl
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:24:36 GMT
content-type: application/json
x-trace-id: a39dcf18f977e2fb4ea5c3bd600de383
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://mcgroup.cl
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080569294454154e05e205b15e1ee6b; expires=Thu, 08 May 2025 06:24:36 GMT; path=/; secure; SameSite=None
oaidts=1715149476; expires=Thu, 08 May 2025 06:24:36 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 15 May 2024 06:24:36 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=0080569294454154e05e205b15e1ee6b

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=0080569294454154e05e205b15e1ee6b
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://mcgroup.cl/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
65 B (65 bytes)
Hash
36ad2ac7f630bdf5e503581ab6cf8682
cc91f10e599290b51bc4cabfa38e9310b504852b
87b3febcf890037813a6b5eebba3dc3208616b64f397f16fbbac50c463e30411

HTTP Headers

GET /gid.js?userId=0080569294454154e05e205b15e1ee6b HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mcgroup.cl
DNT: 1
Connection: keep-alive
Referer: https://mcgroup.cl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:24:36 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://mcgroup.cl
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080569294454154e05e205b15e1ee6b; expires=Thu, 08 May 2025 06:24:36 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

mcgroup.cl/favicon.ico

45.225.94.84

404 Not Found

315 B

URL GET HTTP/2
mcgroup.cl/favicon.ico
IP
45.225.94.84:443
ASN
#263702 GRUPO ZGH SPA

Requested by
https://mcgroup.cl/
Certificate
IssuerLet's Encrypt
Subject*.mcgroup.cl
Fingerprint7F:46:0F:FA:B7:94:36:8E:04:D5:73:38:22:36:B4:98:CA:84:74:3F
ValidityTue, 02 Apr 2024 19:43:36 GMT - Mon, 01 Jul 2024 19:43:35 GMT

File type
HTML document, ASCII text, with very long lines (326), with no line terminators
Size
315 B (315 bytes)
Hash
97ef40509b73c101d6815511c3adf98d
a4242322497ea630ea72e26ba297a95a2bbe5ccd
322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: mcgroup.cl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mcgroup.cl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-length: 315
content-type: text/html; charset=iso-8859-1
date: Wed, 08 May 2024 06:24:35 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (6)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN