Report - scan.securewin.xyz/dl/pre/scan?tracking=l23&tdomain=track.nonewflags.com&trk=whm87ckqluu1gf61jmshnb1m&cep=PWys2nTGeEsNXs63nXyON6yBIkKPn7YO-bAPuwTcPj7gDXpqdeyw_ZVJI-ikV_XpDyjiDutJJT7wRWB-fv0LXK8tAJBD2JAI-fhGLMu4ZmCPq57zjuWSGwaVmZvgrSAG6tKaHeKkCnx-keSxpD0ZZRzRhMpUSSDFEAeJRnZCYMet7-lhLG7wlJt7MlQIcQu6cta7dum4ZuQRxHco25z14QA-w8grWANrpDzQoB-uexzTY5NzERTYM7CSuS9jCGm1qAdCG84E3G40iT3NJXPP9rPD-WmwGws7MrY7YRaijuk5Hqt8yF9meQUeH6XC_ZWkjw98A6B0eLZweZqHA69TDg3WG29TapKTQsN3z1AK3DP7d8LWanp0YxU4BXl1dSt7mBtRpxkx6fMlMDiyi3wqe-Arim8_f67X1v9DPCsSA9lz-mSAZZGfqZ7qA_RBym4Ebxa53YUhey2elp7M5zuGft_GbmVRPh48UVWk3C7uVq6Ho2h2Wb7kJJYe6HvG4mR_ClMBaeA3vw-9WY47x7jUu36f_Gveutfbu0Gm9_3DCGWXA_HuKnJkjS1o37OJO_WXR_qT8O2mx7stKkjGdr0AtsSVg0R7C_YvCuI5O8A7Nrs4g70-KLn9irlmSff1yb39OzIDo3_op149hG9q50ceNYSRei6oF5iFBYz5maHHDLCoL8-86GFBx4W9wONouqgQgJbHcStXG0V5eD-PokDkGXXrB7rGIKRKPBoEiQ1ZoAD7Yn8i_6zreroRFrNshtGqSxWNcFOHul4wj_VdVx_AifoI3rzQrNoYx5_66R4UgltIn3LdZm4Paovvta3EnM6JYLLQaTuhg1DQGYI0aRghOoVkX7qPJOr4bdPB-ZQBF7k&lptoken=17c0150632f9633a2446&zoneid=6954485&device=other&browser=opera&os=android&country=CR&isp=telxiuscableargentinas.a.&useragent=Mozilla/5.0(Linux;Android14;CPH2495)AppleWebKit/537.36(KHTML,likeGecko)Chrome/114.0.5735.130MobileSafari/537.36OPR/76.1.4027.73300&language=es&connectiontype=oc3&cost=0.003900&visitor

Report Overview

Submitted URL
scan.securewin.xyz/dl/pre/scan?tracking=l23&tdomain=track.nonewflags.com&trk=whm87ckqluu1gf61jmshnb1m&cep=PWys2nTGeEsNXs63nXyON6yBIkKPn7YO-bAPuwTcPj7gDXpqdeyw_ZVJI-ikV_XpDyjiDutJJT7wRWB-fv0LXK8tAJBD2JAI-fhGLMu4ZmCPq57zjuWSGwaVmZvgrSAG6tKaHeKkCnx-keSxpD0ZZRzRhMpUSSDFEAeJRnZCYMet7-lhLG7wlJt7MlQIcQu6cta7dum4ZuQRxHco25z14QA-w8grWANrpDzQoB-uexzTY5NzERTYM7CSuS9jCGm1qAdCG84E3G40iT3NJXPP9rPD-WmwGws7MrY7YRaijuk5Hqt8yF9meQUeH6XC_ZWkjw98A6B0eLZweZqHA69TDg3WG29TapKTQsN3z1AK3DP7d8LWanp0YxU4BXl1dSt7mBtRpxkx6fMlMDiyi3wqe-Arim8_f67X1v9DPCsSA9lz-mSAZZGfqZ7qA_RBym4Ebxa53YUhey2elp7M5zuGft_GbmVRPh48UVWk3C7uVq6Ho2h2Wb7kJJYe6HvG4mR_ClMBaeA3vw-9WY47x7jUu36f_Gveutfbu0Gm9_3DCGWXA_HuKnJkjS1o37OJO_WXR_qT8O2mx7stKkjGdr0AtsSVg0R7C_YvCuI5O8A7Nrs4g70-KLn9irlmSff1yb39OzIDo3_op149hG9q50ceNYSRei6oF5iFBYz5maHHDLCoL8-86GFBx4W9wONouqgQgJbHcStXG0V5eD-PokDkGXXrB7rGIKRKPBoEiQ1ZoAD7Yn8i_6zreroRFrNshtGqSxWNcFOHul4wj_VdVx_AifoI3rzQrNoYx5_66R4UgltIn3LdZm4Paovvta3EnM6JYLLQaTuhg1DQGYI0aRghOoVkX7qPJOr4bdPB-ZQBF7k&lptoken=17c0150632f9633a2446&zoneid=6954485&device=other&browser=opera&os=android&country=CR&isp=telxiuscableargentinas.a.&useragent=Mozilla/5.0(Linux;Android14;CPH2495)AppleWebKit/537.36(KHTML,likeGecko)Chrome/114.0.5735.130MobileSafari/537.36OPR/76.1.4027.73300&language=es&connectiontype=oc3&cost=0.003900&visitor_id=812182516340363264&from=exit
IP
94.237.92.126
ASN
#202053 UpCloud Ltd
Submitted
2024-05-10 08:09:11
Access
public
Website Title
Navegación Segura - Escaneo en línea gratuito.
Final URL
scan.securewin.xyz/dl/pre/scan?tracking=l23&tdomain=track.nonewflags.com&trk=whm87ckqluu1gf61jmshnb1m&cep=PWys2nTGeEsNXs63nXyON6yBIkKPn7YO-bAPuwTcPj7gDXpqdeyw_ZVJI-ikV_XpDyjiDutJJT7wRWB-fv0LXK8tAJBD2JAI-fhGLMu4ZmCPq57zjuWSGwaVmZvgrSAG6tKaHeKkCnx-keSxpD0ZZRzRhMpUSSDFEAeJRnZCYMet7-lhLG7wlJt7MlQIcQu6cta7dum4ZuQRxHco25z14QA-w8grWANrpDzQoB-uexzTY5NzERTYM7CSuS9jCGm1qAdCG84E3G40iT3NJXPP9rPD-WmwGws7MrY7YRaijuk5Hqt8yF9meQUeH6XC_ZWkjw98A6B0eLZweZqHA69TDg3WG29TapKTQsN3z1AK3DP7d8LWanp0YxU4BXl1dSt7mBtRpxkx6fMlMDiyi3wqe-Arim8_f67X1v9DPCsSA9lz-mSAZZGfqZ7qA_RBym4Ebxa53YUhey2elp7M5zuGft_GbmVRPh48UVWk3C7uVq6Ho2h2Wb7kJJYe6HvG4mR_ClMBaeA3vw-9WY47x7jUu36f_Gveutfbu0Gm9_3DCGWXA_HuKnJkjS1o37OJO_WXR_qT8O2mx7stKkjGdr0AtsSVg0R7C_YvCuI5O8A7Nrs4g70-KLn9irlmSff1yb39OzIDo3_op149hG9q50ceNYSRei6oF5iFBYz5maHHDLCoL8-86GFBx4W9wONouqgQgJbHcStXG0V5eD-PokDkGXXrB7rGIKRKPBoEiQ1ZoAD7Yn8i_6zreroRFrNshtGqSxWNcFOHul4wj_VdVx_AifoI3rzQrNoYx5_66R4UgltIn3LdZm4Paovvta3EnM6JYLLQaTuhg1DQGYI0aRghOoVkX7qPJOr4bdPB-ZQBF7k&lptoken=17c0150632f9633a2446&zoneid=6954485&device=other&browser=opera&os=android&country=CR&isp=telxiuscableargentinas.a.&useragent=Mozilla/5.0(Linux;Android14;CPH2495)AppleWebKit/537.36(KHTML,likeGecko)Chrome/114.0.5735.130MobileSafari/537.36OPR/76.1.4027.73300&language=es&connectiontype=oc3&cost=0.003900&visitor_id=812182516340363264&from=exit
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
scan.securewin.xyz	unknown	unknown	No data	No data	7.0 kB	5.1 kB	94.237.92.126

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	securewin.xyz	Sinkholed
2024-05-10	medium	securewin.xyz	Sinkholed
2024-05-10	medium	securewin.xyz	Sinkholed
2024-05-10	medium	securewin.xyz	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	scan.securewin.xyz/dl/pre/scan?tracking=l23&tdomain=track.nonewflags.com&trk=whm87ckqluu1gf61jmshnb1m&cep=PWys2nTGeEsNXs63nXyON6yBIkKPn7YO-bAPuwTcPj7gDXpqdeyw_ZVJI-ikV_XpDyjiDutJJT7wRWB-fv0LXK8tAJBD2JAI-fhGLMu4ZmCPq57zjuWSGwaVmZvgrSAG6tKaHeKkCnx-keSxpD0ZZRzRhMpUSSDFEAeJRnZCYMet7-lhLG7wlJt7MlQIcQu6cta7dum4ZuQRxHco25z14QA-w8grWANrpDzQoB-uexzTY5NzERTYM7CSuS9jCGm1qAdCG84E3G40iT3NJXPP9rPD-WmwGws7MrY7YRaijuk5Hqt8yF9meQUeH6XC_ZWkjw98A6B0eLZweZqHA69TDg3WG29TapKTQsN3z1AK3DP7d8LWanp0YxU4BXl1dSt7mBtRpxkx6fMlMDiyi3wqe-Arim8_f67X1v9DPCsSA9lz-mSAZZGfqZ7qA_RBym4Ebxa53YUhey2elp7M5zuGft_GbmVRPh48UVWk3C7uVq6Ho2h2Wb7kJJYe6HvG4mR_ClMBaeA3vw-9WY47x7jUu36f_Gveutfbu0Gm9_3DCGWXA_HuKnJkjS1o37OJO_WXR_qT8O2mx7stKkjGdr0AtsSVg0R7C_YvCuI5O8A7Nrs4g70-KLn9irlmSff1yb39OzIDo3_op149hG9q50ceNYSRei6oF5iFBYz5maHHDLCoL8-86GFBx4W9wONouqgQgJbHcStXG0V5eD-PokDkGXXrB7rGIKRKPBoEiQ1ZoAD7Yn8i_6zreroRFrNshtGqSxWNcFOHul4wj_VdVx_AifoI3rzQrNoYx5_66R4UgltIn3LdZm4Paovvta3EnM6JYLLQaTuhg1DQGYI0aRghOoVkX7qPJOr4bdPB-ZQBF7k&lptoken=17c0150632f9633a2446&zoneid=6954485&device=other&browser=opera&os=android&country=CR&isp=telxiuscableargentinas.a.&useragent=Mozilla/5.0(Linux;Android14;CPH2495)AppleWebKit/537.36(KHTML,likeGecko)Chrome/114.0.5735.130MobileSafari/537.36OPR/76.1.4027.73300&language=es&connectiontype=oc3&cost=0.003900&visitor_id=812182516340363264&from=exit	301 B	2023-08-02	2024-05-10
Pretty URL scan.securewin.xyz/dl/pre/scan?tracking=l23&tdomain=track.nonewflags.com&trk=whm87ckqluu1gf61jmshnb1m&cep=PWys2nTGeEsNXs63nXyON6yBIkKPn7YO-bAPuwTcPj7gDXpqdeyw_ZVJI-ikV_XpDyjiDutJJT7wRWB-fv0LXK8tAJBD2JAI-fhGLMu4ZmCPq57zjuWSGwaVmZvgrSAG6tKaHeKkCnx-keSxpD0ZZRzRhMpUSSDFEAeJRnZCYMet7-lhLG7wlJt7MlQIcQu6cta7dum4ZuQRxHco25z14QA-w8grWANrpDzQoB-uexzTY5NzERTYM7CSuS9jCGm1qAdCG84E3G40iT3NJXPP9rPD-WmwGws7MrY7YRaijuk5Hqt8yF9meQUeH6XC_ZWkjw98A6B0eLZweZqHA69TDg3WG29TapKTQsN3z1AK3DP7d8LWanp0YxU4BXl1dSt7mBtRpxkx6fMlMDiyi3wqe-Arim8_f67X1v9DPCsSA9lz-mSAZZGfqZ7qA_RBym4Ebxa53YUhey2elp7M5zuGft_GbmVRPh48UVWk3C7uVq6Ho2h2Wb7kJJYe6HvG4mR_ClMBaeA3vw-9WY47x7jUu36f_Gveutfbu0Gm9_3DCGWXA_HuKnJkjS1o37OJO_WXR_qT8O2mx7stKkjGdr0AtsSVg0R7C_YvCuI5O8A7Nrs4g70-KLn9irlmSff1yb39OzIDo3_op149hG9q50ceNYSRei6oF5iFBYz5maHHDLCoL8-86GFBx4W9wONouqgQgJbHcStXG0V5eD-PokDkGXXrB7rGIKRKPBoEiQ1ZoAD7Yn8i_6zreroRFrNshtGqSxWNcFOHul4wj_VdVx_AifoI3rzQrNoYx5_66R4UgltIn3LdZm4Paovvta3EnM6JYLLQaTuhg1DQGYI0aRghOoVkX7qPJOr4bdPB-ZQBF7k&lptoken=17c0150632f9633a2446&zoneid=6954485&device=other&browser=opera&os=android&country=CR&isp=telxiuscableargentinas.a.&useragent=Mozilla/5.0(Linux;Android14;CPH2495)AppleWebKit/537.36(KHTML,likeGecko)Chrome/114.0.5735.130MobileSafari/537.36OPR/76.1.4027.73300&language=es&connectiontype=oc3&cost=0.003900&visitor_id=812182516340363264&from=exit IP 94.237.92.126 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-02 17:39:06 Last Seen2024-05-10 10:09:17 Times Seen42 Hash 1c7368bf567dd3a51f3a075b4f5770b6 53d02aeb9ce19a7e91ab5897adcdaecc3011a230 321dbcd9895956f096fbc0636d76b5080110620e68f104d42043ad8aab4501cf Loading...

	scan.securewin.xyz/dl/pre/scan?tracking=l23&tdomain=track.nonewflags.com&trk=whm87ckqluu1gf61jmshnb1m&cep=PWys2nTGeEsNXs63nXyON6yBIkKPn7YO-bAPuwTcPj7gDXpqdeyw_ZVJI-ikV_XpDyjiDutJJT7wRWB-fv0LXK8tAJBD2JAI-fhGLMu4ZmCPq57zjuWSGwaVmZvgrSAG6tKaHeKkCnx-keSxpD0ZZRzRhMpUSSDFEAeJRnZCYMet7-lhLG7wlJt7MlQIcQu6cta7dum4ZuQRxHco25z14QA-w8grWANrpDzQoB-uexzTY5NzERTYM7CSuS9jCGm1qAdCG84E3G40iT3NJXPP9rPD-WmwGws7MrY7YRaijuk5Hqt8yF9meQUeH6XC_ZWkjw98A6B0eLZweZqHA69TDg3WG29TapKTQsN3z1AK3DP7d8LWanp0YxU4BXl1dSt7mBtRpxkx6fMlMDiyi3wqe-Arim8_f67X1v9DPCsSA9lz-mSAZZGfqZ7qA_RBym4Ebxa53YUhey2elp7M5zuGft_GbmVRPh48UVWk3C7uVq6Ho2h2Wb7kJJYe6HvG4mR_ClMBaeA3vw-9WY47x7jUu36f_Gveutfbu0Gm9_3DCGWXA_HuKnJkjS1o37OJO_WXR_qT8O2mx7stKkjGdr0AtsSVg0R7C_YvCuI5O8A7Nrs4g70-KLn9irlmSff1yb39OzIDo3_op149hG9q50ceNYSRei6oF5iFBYz5maHHDLCoL8-86GFBx4W9wONouqgQgJbHcStXG0V5eD-PokDkGXXrB7rGIKRKPBoEiQ1ZoAD7Yn8i_6zreroRFrNshtGqSxWNcFOHul4wj_VdVx_AifoI3rzQrNoYx5_66R4UgltIn3LdZm4Paovvta3EnM6JYLLQaTuhg1DQGYI0aRghOoVkX7qPJOr4bdPB-ZQBF7k&lptoken=17c0150632f9633a2446&zoneid=6954485&device=other&browser=opera&os=android&country=CR&isp=telxiuscableargentinas.a.&useragent=Mozilla/5.0(Linux;Android14;CPH2495)AppleWebKit/537.36(KHTML,likeGecko)Chrome/114.0.5735.130MobileSafari/537.36OPR/76.1.4027.73300&language=es&connectiontype=oc3&cost=0.003900&visitor_id=812182516340363264&from=exit	3.8 kB	2024-05-10	2024-05-10
Pretty URL scan.securewin.xyz/dl/pre/scan?tracking=l23&tdomain=track.nonewflags.com&trk=whm87ckqluu1gf61jmshnb1m&cep=PWys2nTGeEsNXs63nXyON6yBIkKPn7YO-bAPuwTcPj7gDXpqdeyw_ZVJI-ikV_XpDyjiDutJJT7wRWB-fv0LXK8tAJBD2JAI-fhGLMu4ZmCPq57zjuWSGwaVmZvgrSAG6tKaHeKkCnx-keSxpD0ZZRzRhMpUSSDFEAeJRnZCYMet7-lhLG7wlJt7MlQIcQu6cta7dum4ZuQRxHco25z14QA-w8grWANrpDzQoB-uexzTY5NzERTYM7CSuS9jCGm1qAdCG84E3G40iT3NJXPP9rPD-WmwGws7MrY7YRaijuk5Hqt8yF9meQUeH6XC_ZWkjw98A6B0eLZweZqHA69TDg3WG29TapKTQsN3z1AK3DP7d8LWanp0YxU4BXl1dSt7mBtRpxkx6fMlMDiyi3wqe-Arim8_f67X1v9DPCsSA9lz-mSAZZGfqZ7qA_RBym4Ebxa53YUhey2elp7M5zuGft_GbmVRPh48UVWk3C7uVq6Ho2h2Wb7kJJYe6HvG4mR_ClMBaeA3vw-9WY47x7jUu36f_Gveutfbu0Gm9_3DCGWXA_HuKnJkjS1o37OJO_WXR_qT8O2mx7stKkjGdr0AtsSVg0R7C_YvCuI5O8A7Nrs4g70-KLn9irlmSff1yb39OzIDo3_op149hG9q50ceNYSRei6oF5iFBYz5maHHDLCoL8-86GFBx4W9wONouqgQgJbHcStXG0V5eD-PokDkGXXrB7rGIKRKPBoEiQ1ZoAD7Yn8i_6zreroRFrNshtGqSxWNcFOHul4wj_VdVx_AifoI3rzQrNoYx5_66R4UgltIn3LdZm4Paovvta3EnM6JYLLQaTuhg1DQGYI0aRghOoVkX7qPJOr4bdPB-ZQBF7k&lptoken=17c0150632f9633a2446&zoneid=6954485&device=other&browser=opera&os=android&country=CR&isp=telxiuscableargentinas.a.&useragent=Mozilla/5.0(Linux;Android14;CPH2495)AppleWebKit/537.36(KHTML,likeGecko)Chrome/114.0.5735.130MobileSafari/537.36OPR/76.1.4027.73300&language=es&connectiontype=oc3&cost=0.003900&visitor_id=812182516340363264&from=exit IP 94.237.92.126 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 10:09:17 Last Seen2024-05-10 10:09:17 Times Seen1 Hash 141da226865e60c75185b55df1871268 6e5f7c5b259e4f10f0eb4326ae2aba369f6d03a2 adf4cf3cd5c94b0a98c899a11f9eeaaad9013472ac03e41b93748cf5473921c8 Loading...

	scan.securewin.xyz/dl/pre/scan?tracking=l23&tdomain=track.nonewflags.com&trk=whm87ckqluu1gf61jmshnb1m&cep=PWys2nTGeEsNXs63nXyON6yBIkKPn7YO-bAPuwTcPj7gDXpqdeyw_ZVJI-ikV_XpDyjiDutJJT7wRWB-fv0LXK8tAJBD2JAI-fhGLMu4ZmCPq57zjuWSGwaVmZvgrSAG6tKaHeKkCnx-keSxpD0ZZRzRhMpUSSDFEAeJRnZCYMet7-lhLG7wlJt7MlQIcQu6cta7dum4ZuQRxHco25z14QA-w8grWANrpDzQoB-uexzTY5NzERTYM7CSuS9jCGm1qAdCG84E3G40iT3NJXPP9rPD-WmwGws7MrY7YRaijuk5Hqt8yF9meQUeH6XC_ZWkjw98A6B0eLZweZqHA69TDg3WG29TapKTQsN3z1AK3DP7d8LWanp0YxU4BXl1dSt7mBtRpxkx6fMlMDiyi3wqe-Arim8_f67X1v9DPCsSA9lz-mSAZZGfqZ7qA_RBym4Ebxa53YUhey2elp7M5zuGft_GbmVRPh48UVWk3C7uVq6Ho2h2Wb7kJJYe6HvG4mR_ClMBaeA3vw-9WY47x7jUu36f_Gveutfbu0Gm9_3DCGWXA_HuKnJkjS1o37OJO_WXR_qT8O2mx7stKkjGdr0AtsSVg0R7C_YvCuI5O8A7Nrs4g70-KLn9irlmSff1yb39OzIDo3_op149hG9q50ceNYSRei6oF5iFBYz5maHHDLCoL8-86GFBx4W9wONouqgQgJbHcStXG0V5eD-PokDkGXXrB7rGIKRKPBoEiQ1ZoAD7Yn8i_6zreroRFrNshtGqSxWNcFOHul4wj_VdVx_AifoI3rzQrNoYx5_66R4UgltIn3LdZm4Paovvta3EnM6JYLLQaTuhg1DQGYI0aRghOoVkX7qPJOr4bdPB-ZQBF7k&lptoken=17c0150632f9633a2446&zoneid=6954485&device=other&browser=opera&os=android&country=CR&isp=telxiuscableargentinas.a.&useragent=Mozilla/5.0(Linux;Android14;CPH2495)AppleWebKit/537.36(KHTML,likeGecko)Chrome/114.0.5735.130MobileSafari/537.36OPR/76.1.4027.73300&language=es&connectiontype=oc3&cost=0.003900&visitor_id=812182516340363264&from=exit	416 B	2024-05-10	2024-05-10
Pretty URL scan.securewin.xyz/dl/pre/scan?tracking=l23&tdomain=track.nonewflags.com&trk=whm87ckqluu1gf61jmshnb1m&cep=PWys2nTGeEsNXs63nXyON6yBIkKPn7YO-bAPuwTcPj7gDXpqdeyw_ZVJI-ikV_XpDyjiDutJJT7wRWB-fv0LXK8tAJBD2JAI-fhGLMu4ZmCPq57zjuWSGwaVmZvgrSAG6tKaHeKkCnx-keSxpD0ZZRzRhMpUSSDFEAeJRnZCYMet7-lhLG7wlJt7MlQIcQu6cta7dum4ZuQRxHco25z14QA-w8grWANrpDzQoB-uexzTY5NzERTYM7CSuS9jCGm1qAdCG84E3G40iT3NJXPP9rPD-WmwGws7MrY7YRaijuk5Hqt8yF9meQUeH6XC_ZWkjw98A6B0eLZweZqHA69TDg3WG29TapKTQsN3z1AK3DP7d8LWanp0YxU4BXl1dSt7mBtRpxkx6fMlMDiyi3wqe-Arim8_f67X1v9DPCsSA9lz-mSAZZGfqZ7qA_RBym4Ebxa53YUhey2elp7M5zuGft_GbmVRPh48UVWk3C7uVq6Ho2h2Wb7kJJYe6HvG4mR_ClMBaeA3vw-9WY47x7jUu36f_Gveutfbu0Gm9_3DCGWXA_HuKnJkjS1o37OJO_WXR_qT8O2mx7stKkjGdr0AtsSVg0R7C_YvCuI5O8A7Nrs4g70-KLn9irlmSff1yb39OzIDo3_op149hG9q50ceNYSRei6oF5iFBYz5maHHDLCoL8-86GFBx4W9wONouqgQgJbHcStXG0V5eD-PokDkGXXrB7rGIKRKPBoEiQ1ZoAD7Yn8i_6zreroRFrNshtGqSxWNcFOHul4wj_VdVx_AifoI3rzQrNoYx5_66R4UgltIn3LdZm4Paovvta3EnM6JYLLQaTuhg1DQGYI0aRghOoVkX7qPJOr4bdPB-ZQBF7k&lptoken=17c0150632f9633a2446&zoneid=6954485&device=other&browser=opera&os=android&country=CR&isp=telxiuscableargentinas.a.&useragent=Mozilla/5.0(Linux;Android14;CPH2495)AppleWebKit/537.36(KHTML,likeGecko)Chrome/114.0.5735.130MobileSafari/537.36OPR/76.1.4027.73300&language=es&connectiontype=oc3&cost=0.003900&visitor_id=812182516340363264&from=exit IP 94.237.92.126 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 10:09:17 Last Seen2024-05-10 10:09:17 Times Seen1 Hash 96c22df91c64109afa9a2a12eda38de7 aa1431fc161c998569e7c1b59b372c694f5790c0 46c1d1f0c3f98d2f0f22f2f414eac14a57053d62613fe827a7e6e0894252df22 Loading...

HTTP Transactions (4)

URL IP Response Size

scan.securewin.xyz/dl/pre/scan?tracking=l23&tdomain=track.nonewflags.com&trk=whm87ckqluu1gf61jmshnb1m&cep=PWys2nTGeEsNXs63nXyON6yBIkKPn7YO-bAPuwTcPj7gDXpqdeyw_ZVJI-ikV_XpDyjiDutJJT7wRWB-fv0LXK8tAJBD2JAI-fhGLMu4ZmCPq57zjuWSGwaVmZvgrSAG6tKaHeKkCnx-keSxpD0ZZRzRhMpUSSDFEAeJRnZCYMet7-lhLG7wlJt7MlQIcQu6cta7dum4ZuQRxHco25z14QA-w8grWANrpDzQoB-uexzTY5NzERTYM7CSuS9jCGm1qAdCG84E3G40iT3NJXPP9rPD-WmwGws7MrY7YRaijuk5Hqt8yF9meQUeH6XC_ZWkjw98A6B0eLZweZqHA69TDg3WG29TapKTQsN3z1AK3DP7d8LWanp0YxU4BXl1dSt7mBtRpxkx6fMlMDiyi3wqe-Arim8_f67X1v9DPCsSA9lz-mSAZZGfqZ7qA_RBym4Ebxa53YUhey2elp7M5zuGft_GbmVRPh48UVWk3C7uVq6Ho2h2Wb7kJJYe6HvG4mR_ClMBaeA3vw-9WY47x7jUu36f_Gveutfbu0Gm9_3DCGWXA_HuKnJkjS1o37OJO_WXR_qT8O2mx7stKkjGdr0AtsSVg0R7C_YvCuI5O8A7Nrs4g70-KLn9irlmSff1yb39OzIDo3_op149hG9q50ceNYSRei6oF5iFBYz5maHHDLCoL8-86GFBx4W9wONouqgQgJbHcStXG0V5eD-PokDkGXXrB7rGIKRKPBoEiQ1ZoAD7Yn8i_6zreroRFrNshtGqSxWNcFOHul4wj_VdVx_AifoI3rzQrNoYx5_66R4UgltIn3LdZm4Paovvta3EnM6JYLLQaTuhg1DQGYI0aRghOoVkX7qPJOr4bdPB-ZQBF7k&lptoken=17c0150632f9633a2446&zoneid=6954485&device=other&browser=opera&os=android&country=CR&isp=telxiuscableargentinas.a.&useragent=Mozilla/5.0(Linux;Android14;CPH2495)AppleWebKit/537.36(KHTML,likeGecko)Chrome/114.0.5735.130MobileSafari/537.36OPR/76.1.4027.73300&language=es&connectiontype=oc3&cost=0.003900&visitor_id=812182516340363264&from=exit

94.237.92.126

200 OK

4.0 kB

URL User Request GET HTTP/2
scan.securewin.xyz/dl/pre/scan?tracking=l23&tdomain=track.nonewflags.com&trk=whm87ckqluu1gf61jmshnb1m&cep=PWys2nTGeEsNXs63nXyON6yBIkKPn7YO-bAPuwTcPj7gDXpqdeyw_ZVJI-ikV_XpDyjiDutJJT7wRWB-fv0LXK8tAJBD2JAI-fhGLMu4ZmCPq57zjuWSGwaVmZvgrSAG6tKaHeKkCnx-keSxpD0ZZRzRhMpUSSDFEAeJRnZCYMet7-lhLG7wlJt7MlQIcQu6cta7dum4ZuQRxHco25z14QA-w8grWANrpDzQoB-uexzTY5NzERTYM7CSuS9jCGm1qAdCG84E3G40iT3NJXPP9rPD-WmwGws7MrY7YRaijuk5Hqt8yF9meQUeH6XC_ZWkjw98A6B0eLZweZqHA69TDg3WG29TapKTQsN3z1AK3DP7d8LWanp0YxU4BXl1dSt7mBtRpxkx6fMlMDiyi3wqe-Arim8_f67X1v9DPCsSA9lz-mSAZZGfqZ7qA_RBym4Ebxa53YUhey2elp7M5zuGft_GbmVRPh48UVWk3C7uVq6Ho2h2Wb7kJJYe6HvG4mR_ClMBaeA3vw-9WY47x7jUu36f_Gveutfbu0Gm9_3DCGWXA_HuKnJkjS1o37OJO_WXR_qT8O2mx7stKkjGdr0AtsSVg0R7C_YvCuI5O8A7Nrs4g70-KLn9irlmSff1yb39OzIDo3_op149hG9q50ceNYSRei6oF5iFBYz5maHHDLCoL8-86GFBx4W9wONouqgQgJbHcStXG0V5eD-PokDkGXXrB7rGIKRKPBoEiQ1ZoAD7Yn8i_6zreroRFrNshtGqSxWNcFOHul4wj_VdVx_AifoI3rzQrNoYx5_66R4UgltIn3LdZm4Paovvta3EnM6JYLLQaTuhg1DQGYI0aRghOoVkX7qPJOr4bdPB-ZQBF7k&lptoken=17c0150632f9633a2446&zoneid=6954485&device=other&browser=opera&os=android&country=CR&isp=telxiuscableargentinas.a.&useragent=Mozilla/5.0(Linux;Android14;CPH2495)AppleWebKit/537.36(KHTML,likeGecko)Chrome/114.0.5735.130MobileSafari/537.36OPR/76.1.4027.73300&language=es&connectiontype=oc3&cost=0.003900&visitor_id=812182516340363264&from=exit
IP
94.237.92.126:443
ASN
#202053 UpCloud Ltd

Certificate
IssuerLet's Encrypt
Subject*.securewin.xyz
Fingerprint9F:EA:46:5A:FD:4C:63:D0:46:FD:0F:BD:25:EB:57:34:71:EB:6E:5D
ValidityFri, 19 Apr 2024 07:34:51 GMT - Thu, 18 Jul 2024 07:34:50 GMT

File type
gzip compressed data, from Unix
Size
4.0 kB (3958 bytes)
Hash
4e29514beafdc1174cc1c706921adb7f
b9547245d9b18900b38f2f3c353907ff73ac4c9a
5e7a3e254ae581d2089e89741319c7c47da8612acefc17140d2db645881f673b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dl/pre/scan?tracking=l23&tdomain=track.nonewflags.com&trk=whm87ckqluu1gf61jmshnb1m&cep=PWys2nTGeEsNXs63nXyON6yBIkKPn7YO-bAPuwTcPj7gDXpqdeyw_ZVJI-ikV_XpDyjiDutJJT7wRWB-fv0LXK8tAJBD2JAI-fhGLMu4ZmCPq57zjuWSGwaVmZvgrSAG6tKaHeKkCnx-keSxpD0ZZRzRhMpUSSDFEAeJRnZCYMet7-lhLG7wlJt7MlQIcQu6cta7dum4ZuQRxHco25z14QA-w8grWANrpDzQoB-uexzTY5NzERTYM7CSuS9jCGm1qAdCG84E3G40iT3NJXPP9rPD-WmwGws7MrY7YRaijuk5Hqt8yF9meQUeH6XC_ZWkjw98A6B0eLZweZqHA69TDg3WG29TapKTQsN3z1AK3DP7d8LWanp0YxU4BXl1dSt7mBtRpxkx6fMlMDiyi3wqe-Arim8_f67X1v9DPCsSA9lz-mSAZZGfqZ7qA_RBym4Ebxa53YUhey2elp7M5zuGft_GbmVRPh48UVWk3C7uVq6Ho2h2Wb7kJJYe6HvG4mR_ClMBaeA3vw-9WY47x7jUu36f_Gveutfbu0Gm9_3DCGWXA_HuKnJkjS1o37OJO_WXR_qT8O2mx7stKkjGdr0AtsSVg0R7C_YvCuI5O8A7Nrs4g70-KLn9irlmSff1yb39OzIDo3_op149hG9q50ceNYSRei6oF5iFBYz5maHHDLCoL8-86GFBx4W9wONouqgQgJbHcStXG0V5eD-PokDkGXXrB7rGIKRKPBoEiQ1ZoAD7Yn8i_6zreroRFrNshtGqSxWNcFOHul4wj_VdVx_AifoI3rzQrNoYx5_66R4UgltIn3LdZm4Paovvta3EnM6JYLLQaTuhg1DQGYI0aRghOoVkX7qPJOr4bdPB-ZQBF7k&lptoken=17c0150632f9633a2446&zoneid=6954485&device=other&browser=opera&os=android&country=CR&isp=telxiuscableargentinas.a.&useragent=Mozilla/5.0(Linux;Android14;CPH2495)AppleWebKit/537.36(KHTML,likeGecko)Chrome/114.0.5735.130MobileSafari/537.36OPR/76.1.4027.73300&language=es&connectiontype=oc3&cost=0.003900&visitor_id=812182516340363264&from=exit HTTP/1.1
Host: scan.securewin.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Fri, 10 May 2024 08:08:47 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

scan.securewin.xyz/favicon.ico

94.237.92.126

404 Not Found

146 B

URL GET HTTP/2
scan.securewin.xyz/favicon.ico
IP
94.237.92.126:443
ASN
#202053 UpCloud Ltd

Requested by
https://scan.securewin.xyz/dl/pre/scan?tracking=l23&tdomain=track.nonewflags.com&trk=whm87ckqluu1gf61jmshnb1m&cep=PWys2nTGeEsNXs63nXyON6yBIkKPn7YO-bAPuwTcPj7gDXpqdeyw_ZVJI-ikV_XpDyjiDutJJT7wRWB-fv0LXK8tAJBD2JAI-fhGLMu4ZmCPq57zjuWSGwaVmZvgrSAG6tKaHeKkCnx-keSxpD0ZZRzRhMpUSSDFEAeJRnZCYMet7-lhLG7wlJt7MlQIcQu6cta7dum4ZuQRxHco25z14QA-w8grWANrpDzQoB-uexzTY5NzERTYM7CSuS9jCGm1qAdCG84E3G40iT3NJXPP9rPD-WmwGws7MrY7YRaijuk5Hqt8yF9meQUeH6XC_ZWkjw98A6B0eLZweZqHA69TDg3WG29TapKTQsN3z1AK3DP7d8LWanp0YxU4BXl1dSt7mBtRpxkx6fMlMDiyi3wqe-Arim8_f67X1v9DPCsSA9lz-mSAZZGfqZ7qA_RBym4Ebxa53YUhey2elp7M5zuGft_GbmVRPh48UVWk3C7uVq6Ho2h2Wb7kJJYe6HvG4mR_ClMBaeA3vw-9WY47x7jUu36f_Gveutfbu0Gm9_3DCGWXA_HuKnJkjS1o37OJO_WXR_qT8O2mx7stKkjGdr0AtsSVg0R7C_YvCuI5O8A7Nrs4g70-KLn9irlmSff1yb39OzIDo3_op149hG9q50ceNYSRei6oF5iFBYz5maHHDLCoL8-86GFBx4W9wONouqgQgJbHcStXG0V5eD-PokDkGXXrB7rGIKRKPBoEiQ1ZoAD7Yn8i_6zreroRFrNshtGqSxWNcFOHul4wj_VdVx_AifoI3rzQrNoYx5_66R4UgltIn3LdZm4Paovvta3EnM6JYLLQaTuhg1DQGYI0aRghOoVkX7qPJOr4bdPB-ZQBF7k&lptoken=17c0150632f9633a2446&zoneid=6954485&device=other&browser=opera&os=android&country=CR&isp=telxiuscableargentinas.a.&useragent=Mozilla/5.0(Linux;Android14;CPH2495)AppleWebKit/537.36(KHTML,likeGecko)Chrome/114.0.5735.130MobileSafari/537.36OPR/76.1.4027.73300&language=es&connectiontype=oc3&cost=0.003900&visitor_id=812182516340363264&from=exit
Certificate
IssuerLet's Encrypt
Subject*.securewin.xyz
Fingerprint9F:EA:46:5A:FD:4C:63:D0:46:FD:0F:BD:25:EB:57:34:71:EB:6E:5D
ValidityFri, 19 Apr 2024 07:34:51 GMT - Thu, 18 Jul 2024 07:34:50 GMT

File type
HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: scan.securewin.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://scan.securewin.xyz/dl/pre/scan?tracking=l23&tdomain=track.nonewflags.com&trk=whm87ckqluu1gf61jmshnb1m&cep=PWys2nTGeEsNXs63nXyON6yBIkKPn7YO-bAPuwTcPj7gDXpqdeyw_ZVJI-ikV_XpDyjiDutJJT7wRWB-fv0LXK8tAJBD2JAI-fhGLMu4ZmCPq57zjuWSGwaVmZvgrSAG6tKaHeKkCnx-keSxpD0ZZRzRhMpUSSDFEAeJRnZCYMet7-lhLG7wlJt7MlQIcQu6cta7dum4ZuQRxHco25z14QA-w8grWANrpDzQoB-uexzTY5NzERTYM7CSuS9jCGm1qAdCG84E3G40iT3NJXPP9rPD-WmwGws7MrY7YRaijuk5Hqt8yF9meQUeH6XC_ZWkjw98A6B0eLZweZqHA69TDg3WG29TapKTQsN3z1AK3DP7d8LWanp0YxU4BXl1dSt7mBtRpxkx6fMlMDiyi3wqe-Arim8_f67X1v9DPCsSA9lz-mSAZZGfqZ7qA_RBym4Ebxa53YUhey2elp7M5zuGft_GbmVRPh48UVWk3C7uVq6Ho2h2Wb7kJJYe6HvG4mR_ClMBaeA3vw-9WY47x7jUu36f_Gveutfbu0Gm9_3DCGWXA_HuKnJkjS1o37OJO_WXR_qT8O2mx7stKkjGdr0AtsSVg0R7C_YvCuI5O8A7Nrs4g70-KLn9irlmSff1yb39OzIDo3_op149hG9q50ceNYSRei6oF5iFBYz5maHHDLCoL8-86GFBx4W9wONouqgQgJbHcStXG0V5eD-PokDkGXXrB7rGIKRKPBoEiQ1ZoAD7Yn8i_6zreroRFrNshtGqSxWNcFOHul4wj_VdVx_AifoI3rzQrNoYx5_66R4UgltIn3LdZm4Paovvta3EnM6JYLLQaTuhg1DQGYI0aRghOoVkX7qPJOr4bdPB-ZQBF7k&lptoken=17c0150632f9633a2446&zoneid=6954485&device=other&browser=opera&os=android&country=CR&isp=telxiuscableargentinas.a.&useragent=Mozilla/5.0(Linux;Android14;CPH2495)AppleWebKit/537.36(KHTML,likeGecko)Chrome/114.0.5735.130MobileSafari/537.36OPR/76.1.4027.73300&language=es&connectiontype=oc3&cost=0.003900&visitor_id=812182516340363264&from=exit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Fri, 10 May 2024 08:08:47 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

scan.securewin.xyz/dl/pre/security_files/shield.png

94.237.92.126

404 Not Found

146 B

URL GET HTTP/2
scan.securewin.xyz/dl/pre/security_files/shield.png
IP
94.237.92.126:443
ASN
#202053 UpCloud Ltd

Requested by
https://scan.securewin.xyz/dl/pre/scan?tracking=l23&tdomain=track.nonewflags.com&trk=whm87ckqluu1gf61jmshnb1m&cep=PWys2nTGeEsNXs63nXyON6yBIkKPn7YO-bAPuwTcPj7gDXpqdeyw_ZVJI-ikV_XpDyjiDutJJT7wRWB-fv0LXK8tAJBD2JAI-fhGLMu4ZmCPq57zjuWSGwaVmZvgrSAG6tKaHeKkCnx-keSxpD0ZZRzRhMpUSSDFEAeJRnZCYMet7-lhLG7wlJt7MlQIcQu6cta7dum4ZuQRxHco25z14QA-w8grWANrpDzQoB-uexzTY5NzERTYM7CSuS9jCGm1qAdCG84E3G40iT3NJXPP9rPD-WmwGws7MrY7YRaijuk5Hqt8yF9meQUeH6XC_ZWkjw98A6B0eLZweZqHA69TDg3WG29TapKTQsN3z1AK3DP7d8LWanp0YxU4BXl1dSt7mBtRpxkx6fMlMDiyi3wqe-Arim8_f67X1v9DPCsSA9lz-mSAZZGfqZ7qA_RBym4Ebxa53YUhey2elp7M5zuGft_GbmVRPh48UVWk3C7uVq6Ho2h2Wb7kJJYe6HvG4mR_ClMBaeA3vw-9WY47x7jUu36f_Gveutfbu0Gm9_3DCGWXA_HuKnJkjS1o37OJO_WXR_qT8O2mx7stKkjGdr0AtsSVg0R7C_YvCuI5O8A7Nrs4g70-KLn9irlmSff1yb39OzIDo3_op149hG9q50ceNYSRei6oF5iFBYz5maHHDLCoL8-86GFBx4W9wONouqgQgJbHcStXG0V5eD-PokDkGXXrB7rGIKRKPBoEiQ1ZoAD7Yn8i_6zreroRFrNshtGqSxWNcFOHul4wj_VdVx_AifoI3rzQrNoYx5_66R4UgltIn3LdZm4Paovvta3EnM6JYLLQaTuhg1DQGYI0aRghOoVkX7qPJOr4bdPB-ZQBF7k&lptoken=17c0150632f9633a2446&zoneid=6954485&device=other&browser=opera&os=android&country=CR&isp=telxiuscableargentinas.a.&useragent=Mozilla/5.0(Linux;Android14;CPH2495)AppleWebKit/537.36(KHTML,likeGecko)Chrome/114.0.5735.130MobileSafari/537.36OPR/76.1.4027.73300&language=es&connectiontype=oc3&cost=0.003900&visitor_id=812182516340363264&from=exit
Certificate
IssuerLet's Encrypt
Subject*.securewin.xyz
Fingerprint9F:EA:46:5A:FD:4C:63:D0:46:FD:0F:BD:25:EB:57:34:71:EB:6E:5D
ValidityFri, 19 Apr 2024 07:34:51 GMT - Thu, 18 Jul 2024 07:34:50 GMT

File type
HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dl/pre/security_files/shield.png HTTP/1.1
Host: scan.securewin.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://scan.securewin.xyz/dl/pre/scan?tracking=l23&tdomain=track.nonewflags.com&trk=whm87ckqluu1gf61jmshnb1m&cep=PWys2nTGeEsNXs63nXyON6yBIkKPn7YO-bAPuwTcPj7gDXpqdeyw_ZVJI-ikV_XpDyjiDutJJT7wRWB-fv0LXK8tAJBD2JAI-fhGLMu4ZmCPq57zjuWSGwaVmZvgrSAG6tKaHeKkCnx-keSxpD0ZZRzRhMpUSSDFEAeJRnZCYMet7-lhLG7wlJt7MlQIcQu6cta7dum4ZuQRxHco25z14QA-w8grWANrpDzQoB-uexzTY5NzERTYM7CSuS9jCGm1qAdCG84E3G40iT3NJXPP9rPD-WmwGws7MrY7YRaijuk5Hqt8yF9meQUeH6XC_ZWkjw98A6B0eLZweZqHA69TDg3WG29TapKTQsN3z1AK3DP7d8LWanp0YxU4BXl1dSt7mBtRpxkx6fMlMDiyi3wqe-Arim8_f67X1v9DPCsSA9lz-mSAZZGfqZ7qA_RBym4Ebxa53YUhey2elp7M5zuGft_GbmVRPh48UVWk3C7uVq6Ho2h2Wb7kJJYe6HvG4mR_ClMBaeA3vw-9WY47x7jUu36f_Gveutfbu0Gm9_3DCGWXA_HuKnJkjS1o37OJO_WXR_qT8O2mx7stKkjGdr0AtsSVg0R7C_YvCuI5O8A7Nrs4g70-KLn9irlmSff1yb39OzIDo3_op149hG9q50ceNYSRei6oF5iFBYz5maHHDLCoL8-86GFBx4W9wONouqgQgJbHcStXG0V5eD-PokDkGXXrB7rGIKRKPBoEiQ1ZoAD7Yn8i_6zreroRFrNshtGqSxWNcFOHul4wj_VdVx_AifoI3rzQrNoYx5_66R4UgltIn3LdZm4Paovvta3EnM6JYLLQaTuhg1DQGYI0aRghOoVkX7qPJOr4bdPB-ZQBF7k&lptoken=17c0150632f9633a2446&zoneid=6954485&device=other&browser=opera&os=android&country=CR&isp=telxiuscableargentinas.a.&useragent=Mozilla/5.0(Linux;Android14;CPH2495)AppleWebKit/537.36(KHTML,likeGecko)Chrome/114.0.5735.130MobileSafari/537.36OPR/76.1.4027.73300&language=es&connectiontype=oc3&cost=0.003900&visitor_id=812182516340363264&from=exit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Fri, 10 May 2024 08:08:47 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

scan.securewin.xyz/dl/pre/gift.png

94.237.92.126

404 Not Found

146 B

URL GET HTTP/2
scan.securewin.xyz/dl/pre/gift.png
IP
94.237.92.126:443
ASN
#202053 UpCloud Ltd

Requested by
https://scan.securewin.xyz/dl/pre/scan?tracking=l23&tdomain=track.nonewflags.com&trk=whm87ckqluu1gf61jmshnb1m&cep=PWys2nTGeEsNXs63nXyON6yBIkKPn7YO-bAPuwTcPj7gDXpqdeyw_ZVJI-ikV_XpDyjiDutJJT7wRWB-fv0LXK8tAJBD2JAI-fhGLMu4ZmCPq57zjuWSGwaVmZvgrSAG6tKaHeKkCnx-keSxpD0ZZRzRhMpUSSDFEAeJRnZCYMet7-lhLG7wlJt7MlQIcQu6cta7dum4ZuQRxHco25z14QA-w8grWANrpDzQoB-uexzTY5NzERTYM7CSuS9jCGm1qAdCG84E3G40iT3NJXPP9rPD-WmwGws7MrY7YRaijuk5Hqt8yF9meQUeH6XC_ZWkjw98A6B0eLZweZqHA69TDg3WG29TapKTQsN3z1AK3DP7d8LWanp0YxU4BXl1dSt7mBtRpxkx6fMlMDiyi3wqe-Arim8_f67X1v9DPCsSA9lz-mSAZZGfqZ7qA_RBym4Ebxa53YUhey2elp7M5zuGft_GbmVRPh48UVWk3C7uVq6Ho2h2Wb7kJJYe6HvG4mR_ClMBaeA3vw-9WY47x7jUu36f_Gveutfbu0Gm9_3DCGWXA_HuKnJkjS1o37OJO_WXR_qT8O2mx7stKkjGdr0AtsSVg0R7C_YvCuI5O8A7Nrs4g70-KLn9irlmSff1yb39OzIDo3_op149hG9q50ceNYSRei6oF5iFBYz5maHHDLCoL8-86GFBx4W9wONouqgQgJbHcStXG0V5eD-PokDkGXXrB7rGIKRKPBoEiQ1ZoAD7Yn8i_6zreroRFrNshtGqSxWNcFOHul4wj_VdVx_AifoI3rzQrNoYx5_66R4UgltIn3LdZm4Paovvta3EnM6JYLLQaTuhg1DQGYI0aRghOoVkX7qPJOr4bdPB-ZQBF7k&lptoken=17c0150632f9633a2446&zoneid=6954485&device=other&browser=opera&os=android&country=CR&isp=telxiuscableargentinas.a.&useragent=Mozilla/5.0(Linux;Android14;CPH2495)AppleWebKit/537.36(KHTML,likeGecko)Chrome/114.0.5735.130MobileSafari/537.36OPR/76.1.4027.73300&language=es&connectiontype=oc3&cost=0.003900&visitor_id=812182516340363264&from=exit
Certificate
IssuerLet's Encrypt
Subject*.securewin.xyz
Fingerprint9F:EA:46:5A:FD:4C:63:D0:46:FD:0F:BD:25:EB:57:34:71:EB:6E:5D
ValidityFri, 19 Apr 2024 07:34:51 GMT - Thu, 18 Jul 2024 07:34:50 GMT

File type
HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dl/pre/gift.png HTTP/1.1
Host: scan.securewin.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://scan.securewin.xyz/dl/pre/scan?tracking=l23&tdomain=track.nonewflags.com&trk=whm87ckqluu1gf61jmshnb1m&cep=PWys2nTGeEsNXs63nXyON6yBIkKPn7YO-bAPuwTcPj7gDXpqdeyw_ZVJI-ikV_XpDyjiDutJJT7wRWB-fv0LXK8tAJBD2JAI-fhGLMu4ZmCPq57zjuWSGwaVmZvgrSAG6tKaHeKkCnx-keSxpD0ZZRzRhMpUSSDFEAeJRnZCYMet7-lhLG7wlJt7MlQIcQu6cta7dum4ZuQRxHco25z14QA-w8grWANrpDzQoB-uexzTY5NzERTYM7CSuS9jCGm1qAdCG84E3G40iT3NJXPP9rPD-WmwGws7MrY7YRaijuk5Hqt8yF9meQUeH6XC_ZWkjw98A6B0eLZweZqHA69TDg3WG29TapKTQsN3z1AK3DP7d8LWanp0YxU4BXl1dSt7mBtRpxkx6fMlMDiyi3wqe-Arim8_f67X1v9DPCsSA9lz-mSAZZGfqZ7qA_RBym4Ebxa53YUhey2elp7M5zuGft_GbmVRPh48UVWk3C7uVq6Ho2h2Wb7kJJYe6HvG4mR_ClMBaeA3vw-9WY47x7jUu36f_Gveutfbu0Gm9_3DCGWXA_HuKnJkjS1o37OJO_WXR_qT8O2mx7stKkjGdr0AtsSVg0R7C_YvCuI5O8A7Nrs4g70-KLn9irlmSff1yb39OzIDo3_op149hG9q50ceNYSRei6oF5iFBYz5maHHDLCoL8-86GFBx4W9wONouqgQgJbHcStXG0V5eD-PokDkGXXrB7rGIKRKPBoEiQ1ZoAD7Yn8i_6zreroRFrNshtGqSxWNcFOHul4wj_VdVx_AifoI3rzQrNoYx5_66R4UgltIn3LdZm4Paovvta3EnM6JYLLQaTuhg1DQGYI0aRghOoVkX7qPJOr4bdPB-ZQBF7k&lptoken=17c0150632f9633a2446&zoneid=6954485&device=other&browser=opera&os=android&country=CR&isp=telxiuscableargentinas.a.&useragent=Mozilla/5.0(Linux;Android14;CPH2495)AppleWebKit/537.36(KHTML,likeGecko)Chrome/114.0.5735.130MobileSafari/537.36OPR/76.1.4027.73300&language=es&connectiontype=oc3&cost=0.003900&visitor_id=812182516340363264&from=exit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Fri, 10 May 2024 08:08:47 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (4)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN