Report Overview

  1. Submitted URL

    epicload.com/files/PwaIdGe6/KawaiiSofey.zip

  2. IP

    188.114.96.1

    ASN

    #13335 CLOUDFLARENET

  3. Submitted

    2024-05-10 15:52:36

    Access

    public

  4. Website Title

    KawaiiSofey.zip 1.66 GB - Epicload.com - Multiple File Host Mirrors

  5. Final URL

    epicload.com/files/PwaIdGe6/KawaiiSofey.zip

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  2. urlquery

    0

  3. Network Intrusion Detection

    2

  4. Threat Detection Systems

    2

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
bid.mbidtg.comunknown2023-03-092023-03-092024-05-06
fonts.gstatic.comunknown2008-02-112014-09-092024-05-10
static.a-ads.com348272012-07-072013-06-012024-05-09
utmala.xyzunknown2024-05-012024-05-102024-05-10
js.mbidadm.comunknown2023-02-202023-02-212024-05-06
cdn.cloudfrale.com557502019-02-042019-02-062024-05-08
o.pki.googunknown2016-06-132024-04-242024-05-09
i.wmgtr.com136962020-09-112020-09-112024-05-09
ad.a-ads.com269702012-07-072013-04-192024-05-09
accounts.google.com811997-09-152016-03-202024-05-09
mbddip.comunknown2023-04-262023-07-142024-05-06
mbdippex.comunknown2023-04-262023-06-062024-05-02
storage.mbidstorage.comunknown2024-02-272024-03-052024-05-06
js.mbidinp.comunknown2023-02-202023-04-252024-05-06
static.bookmsg.com474952020-09-152020-11-242024-05-09
fonts.googleapis.com88772005-01-252013-06-102024-05-10
epicload.comunknown2009-03-052020-08-042024-03-19
www.googletagmanager.com752011-11-112013-05-222024-05-09
fp.metricswpsh.comunknown2021-10-292022-04-222024-05-08
metricswpsh.comunknown2021-10-292021-11-022024-05-08
tracking.eu.antskre.comunknown2023-07-032023-07-062024-05-01
owlunimmvn.comunknown2022-09-232022-10-042024-04-19

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

SeveritySource IPDestination IPAlert
medium 31.220.27.101Client IP
ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)
medium 31.220.27.101Client IP
ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS
SeverityIndicatorAlert
mediumutmala.xyzSinkholed

ThreatFox

No alerts detected


JavaScript (19)

HTTP Transactions (54)

URLIPResponseSize
epicload.com/templates/default/assets/images/logo.png
188.114.97.1200 OK9.1 kB
epicload.com/assets/images/vpnanonlogin.png
188.114.97.1200 OK30 kB
www.googletagmanager.com/gtag/js?id=UA-252869331-1
142.250.74.168200 OK75 kB
epicload.com/favicon.ico
188.114.97.1200 OK0 B
www.googletagmanager.com/gtag/js?id=G-9FG9P4KZYH&l=dataLayer&cx=c
142.250.74.168200 OK89 kB
epicload.com/assets/js/bootstrap.min.js
188.114.97.1200 OK53 kB
epicload.com/templates/default/assets/css/app.css?time=1715356330
188.114.97.1200 OK3.7 kB
bid.mbidtg.com/tags/114759?version_name=a
45.133.44.25200 OK1.3 kB
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
216.58.207.227200 OK47 kB
static.a-ads.com/a-ads-banners/504928/320x100?region=eu-central-1
46.4.20.142200 OK350 kB
cdn.cloudfrale.com/bn/bb0/d62/f25/bb0d62f259f862e36013c38c66a4affcb2d97bc0.mp4
45.133.44.21206 Partial Content367 kB
fp.metricswpsh.com/fp?tag_id=114759
157.90.84.242200 OK0 B
fp.metricswpsh.com/fp?tag_id=114759
157.90.84.242200 OK58 B
metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI2NjY5NjA3MTg2MTU4MjA1MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIyLjAiLCJ0YWdfaWQiOjExNDc1OSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjQ3LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9
88.198.186.112200 OK0 B
o.pki.goog/wr2
142.250.74.131 471 B
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
64.233.164.84302 Found0 B
accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQx6CUE2umHi8AshwnLL2CcHeREE4YlydlDJ8A_jD_A_U2KU8GWyhqR15FiYe_vLZ62hNvj6ow
64.233.164.84302 Found424 B
o.pki.goog/wr2
142.250.74.131 471 B
mbddip.com/in/dip?site=native-push&wl=1&event_id=018724de-a900-496c-ab1d-b003e0aae49a&subid=350380875&sid=764540774&spot_id=419952&created_at=2024-05-10&timezone=0&ver=8.159.0&is_native=1
94.130.198.6200 OK0 B
mbdippex.com/in/multy
94.130.198.6200 OK0 B
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQyqDYPhjF_yy_tI4bGU3iBB3MyriP-T_KVAVTdiSuHc5PHpTGyENUgaEbaU37WHyKke5maL&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1325617855%3A1715356332014343&theme=mn&ddm=0
64.233.164.84403 Forbidden1.3 kB
storage.mbidstorage.com/log/count.html
172.67.164.241301 Moved Permanently4.5 kB
storage.mbidstorage.com/log/count.html
172.67.164.241301 Moved Permanently7.5 kB
storage.mbidstorage.com/log/count.html
172.67.164.241301 Moved Permanently5.7 kB
mbdippex.com/in/show/?tag_ab=a&site_id=31419952&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fepicload.com%2Ffiles%2FPwaIdGe6%2FKawaiiSofey.zip&refdom=epicload.com&auction_time=1715356332&subid=350380875&sid=764540774&tcid=0&ver=8.159.0&ver_c=&spot_id=419952&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-10&iabcat=IAB25-3&keywords=&user_fp=6241671574567358293&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D350380875%26spot_id%3D419952%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fepicload.com%252Ffiles%252FPwaIdGe6%252FKawaiiSofey.zip%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D350380875%26spot_id%3D419952%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fepicload.com%252Ffiles%252FPwaIdGe6%252FKawaiiSofey.zip%26idzone%3D0%26sid%3D1886&icons=jvy3N1x8Fb05fKRQL6M2xwxGILI946EB6wyO_SRdz5xTOKXaeKHb5DK6WC4zZdy-CD1pwdCvte__Ejq_hkyZnr-64G5NpfWxs9ZmeE53lZSUIReu4VqDOXDrRnsjMkful8AdFasjhtkjMRFFB1gB0oH2DOoEM9J-BOtdH0EtG8XCprLZlQ&ext_cid=0&px_id=419952&min_cpm=0.03739422622586306&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=1417227051956239606&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.03739422622586305&cpm=0&verify_hash=6476fc34a7603ad98c87ecd0beedf765&is_native=4&real_bid=0.00086161&original_bid_usd=0.00086161&original_bid=0.00086161&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=0,114,20,27,108&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.00086161&hostname=auc-inpage-hz-6-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000086161&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.03&cpa=e4f1b1ed-007e-4140-8d9e-4007f4d469e6&prev_step_diff=564
94.130.198.6200 OK0 B
mbdippex.com/in/show/?tag_ab=a&site_id=31419952&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fepicload.com%2Ffiles%2FPwaIdGe6%2FKawaiiSofey.zip&refdom=epicload.com&auction_time=1715356332&subid=350380875&sid=764540774&tcid=0&ver=8.159.0&ver_c=&spot_id=419952&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-10&iabcat=IAB25-3&keywords=&user_fp=6241671574567358293&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D350380875%26spot_id%3D419952%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fepicload.com%252Ffiles%252FPwaIdGe6%252FKawaiiSofey.zip%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=a2d22327dedd6d7fba391c8287e7886f&url=https%3A%2F%2Fclick.eu.aneorwd.com%2Frtb%2Ffeedclick_inpage%3Ffeedid%3De703%26subid%3D31419952%26uuid%3D548f6355-2453-4f34-a43c-59008deb33f9%26ep%3DXWLRGHSZMKN2Q53M2ENSKHNSQYIHWREJ7Y4B4OFTKK2IIHDDVNBG4VIZG6FFDN4AONCM4ZPJVNQMFRA3RKSS5J6WJR3OSGSYEWXZQNZ7UUZIHEYZGJYDV2TBQKGV2VWYKFOGS6CIWE26WLZHCKTF7LDDVUZSAJRUIDD52PRD5ZPODOW6UYF7J6BH7IN72IA4PB3W5B7NVMPZXQG4AEWM6NINZQN7NNZSMLKLOUFT3KU22IQ3GW7JB43JNYZGDWYZJDHYGHDRA2FYFNG6ZTRWEZPXU373VPGD44ZYF3NQKWUTPUTO3ILOU3LSYTI3DYKHLNKQVPA5TQP5KQVISOKDFIJLIRWVABCJ676ZGGRMGPTZ2LSXVXFLXGTFKYFGHKJY3AZYTEJYSUPHCIZXOAS4GZJSU22FP6OSS66EOBDN7FKEHBAK74TCUWIH3FHPLOOZSMQDX5X5UE4C27FYMUCNRDNYMJMRWWYYERA34VBO4ITEVWMMDYPKEMJPGFQUDALAUKO6UN67C5524JHYQG5VIWA7A2VNKXIDGILWUNW6Y3WZQKWHPP7ITWCBUZJLSIWNKW7MMW77IZCIS%253D%253D%253D&icons=gOfJQlB1ZhxYPLAvP32kCQLPf1yAXoASMbgc_swdmq-RLGg_Vq3618soCLCDgP3jsPY2Y20vLFdiJHpZdSrghWPqCHMlCD_0eKWc9FufqTggdyvQg0U2x1pYbC4PRnaOsuXtzIvO7aLM7aMAd2NePHLREGrzxRncwCDDIFW_iGOlCDCbDF3a09YRK1vhOOKQl6svFyxXw3xikPZvyNltRd-I7ai_ba1lk152jzjqDYmTkyDSwjj-kYtWCDRusEsVttHgWw4yrGIjycSzGIyzc9opi6yKFKn6apDgtoeADmKrpIxq4WoEZ8E4MNhnG_OaShQ0lR6RnYaN4FfoiDW9KWX1ZMo-grCE5fgqonoq-S_IhEVs5UdNyaiQ8JPQ7JGJlb-oFs5tv7u4qUYaL25Z3CRcMRlSIdHRr9GfmGBPZDEkdvWTxJo7Lgl1618dlDZjQmiH26ukQ8qADQOORW2UCb_OBc_N7yfcsqzRf8iRsah-MH9Peqq7NCTmxcBhirFGEd8uiGDO8Ic0VsJumol2v4Um1ZnG7laXtdSyZEBiKWxchqad5jj_UGgJ0B35BsCFylJbE7hI0P4XmhJrPEmcVWx3XshSPL3m4eY&ext_cid=0&px_id=31419952&min_cpm=0.015938030755806947&out_id=0&campaign_type=mq&aid=3412&cid=12971&uniq=&mid=1417227051956239606&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.03521364845095148&cpm=0&verify_hash=7a4531bc4bb981dc0feb3a3c74829f81&is_native=1&real_bid=0.0019036499619483989&original_bid_usd=0.0021&original_bid=0.0021&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=98,93,108,0,101,4&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=null&site=native-push-adult&price=0.0021&hostname=auc-inpage-hz-6-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000021&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.03&cpa=f94f276b-3a3d-45d8-b9df-716a408da8d1&prev_step_diff=564
94.130.198.6200 OK0 B
storage.mbidstorage.com/log/count.html
172.67.164.241301 Moved Permanently989 B
js.mbidinp.com/npc/sdk/wpu/npush.m.js
45.133.44.53200 OK47 kB
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
45.133.44.24200 OK1.1 kB
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.03&cpa=c085c258-de51-4c7d-ae22-ecf68f68e9f5&prev_step_diff=564
45.133.44.24200 OK486 B
storage.mbidstorage.com/log/count.html
172.67.164.241301 Moved Permanently53 kB
tracking.eu.antskre.com/rtb/feedimpression?uuid=548f6355-2453-4f34-a43c-59008deb33f9&s=101&d=136&feedid=e703&rt=1715356332227&sb=0.0021&db=0.004620&subid=31419952&tokid=null&url=RBVSDNQJ2CRNHXFUFSY2USODI5WD4LES4WOBDSIEPJFNXFW4OE5C56CV2W3HRQXQYHDHBMUUQ5KLUE3LGKDAHVS4LYWXVWAQ6MKW7GZSR34K7AJOUJD7VOASGFSFDCYLBEAOWNGMPJRNYOT27YJ5FZITLMIPLEKPRMG73SI3YDIHBZO6FGIQ%3D%3D%3D%3D&i=88d0bd&u=d27150&g=NO&ad=&sp=&spv=&sm=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.03&cpa=72983262-fb50-49ce-b394-965f37a4c834&prev_step_diff=563
138.68.123.32 0 B
utmala.xyz/dsp/ph/icm?aid=2642900795095204476&mid=0&sid=610&t=1715356332&subid=570331419952
31.220.27.101 0 B
storage.mbidstorage.com/log/count.html
172.67.164.241301 Moved Permanently827 B
epicload.com/files/PwaIdGe6/null
188.114.97.1200 OK14 kB
epicload.com/assets/js/dropzone.min.js
188.114.97.1200 OK114 kB
js.mbidadm.com/static/scripts.js
45.133.44.52200 OK1.7 kB
epicload.com/assets/js/jquery.min.js
188.114.97.1200 OK90 kB
epicload.com/assets/css/bootstrap.min.css
188.114.97.1200 OK195 kB
epicload.com/assets/js/popper.min.js
188.114.97.1200 OK20 kB
js.mbidadm.com/static/scripts.m.js
45.133.44.52200 OK109 kB
i.wmgtr.com/cic/gT-sn3bSeJ-rJNTFS2NBEqx9dnNlTTFS.png
0.0.0.0 0 B
ad.a-ads.com/2313303?size=320x100
136.243.11.250200 OK22 kB
epicload.com/templates/default/assets/js/app.js?time=1715356330
188.114.97.1200 OK15 kB
owlunimmvn.com/get/1944051?zoneid=1944051&jp=_clqee4zbia45x9u4c43klw&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8556666893821440&eclog=0&im=1&freq=0&uf=0
212.117.190.201200 OK4.2 kB
epicload.com/assets/css/sweetalert.min.css
188.114.97.1200 OK21 kB
epicload.com/assets/js/clipboard.min.js
188.114.97.1200 OK9.2 kB
static.bookmsg.com/creatives/MyBid_Logo_1000px_Color__1_.jpg
45.133.44.24200 OK52 kB
epicload.com/assets/js/sweetalert.min.js
188.114.97.1200 OK64 kB
owlunimmvn.com/lv/esnk/1944051/code.js
212.117.190.201200 OK116 kB
fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap
142.250.74.106200 OK4.8 kB
js.mbidinp.com/skins/nmain.m.js
45.133.44.53200 OK470 kB
epicload.com/files/PwaIdGe6/KawaiiSofey.zip
188.114.97.1200 OK14 kB
epicload.com/assets/css/dropzone.min.css
188.114.97.1200 OK9.7 kB