Report - vezeklet.pro/o?k=69acf76fb48bf7e6

Report Overview

Submitted URL
vezeklet.pro/o?k=69acf76fb48bf7e6
IP
46.4.172.148
ASN
#24940 Hetzner Online GmbH
Submitted
2024-04-24 16:54:50
Access
public
Website Title
FILE READY
Final URL
www.megawinner.xyz/dl/all/offer/sub/download/?tid=62pwkhksz99pjsmet6wgsg8w4,17594783,5,6304&ctrack=1713977666.346696040&p=6304&click_id=&media_type=mainstream
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ld123.g2afse.com	unknown	unknown	No data	No data	538 B	267 B	34.90.14.205
vezeklet.pro	unknown	2024-02-06	2024-03-04	2024-04-18	489 B	62 kB	46.4.172.148
12665a401041.tc2qwerty.com	unknown	2023-07-05	2023-08-10	2024-03-26	522 B	62 kB	94.237.92.107
www.megawinner.xyz	unknown	2024-04-19	2021-06-19	2021-10-03	614 B	62 kB	94.237.92.126

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	www.megawinner.xyz/dl/all/offer/sub/download/?tid=62pwkhksz99pjsmet6wgsg8w4,17594783,5,6304&ctrack=1713977666.346696040&p=6304&click_id=&media_type=mainstream	142 B	2024-02-16	2024-05-05
Pretty URL www.megawinner.xyz/dl/all/offer/sub/download/?tid=62pwkhksz99pjsmet6wgsg8w4,17594783,5,6304&ctrack=1713977666.346696040&p=6304&click_id=&media_type=mainstream IP 94.237.92.126 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-16 08:45:33 Last Seen2024-05-05 16:07:19 Times Seen12 Hash f3e8b830522d7d4a57cd2a4dca9c1ccb ffbdadd7552d3fba565c3f1bcf10a673e51ada44 2dd662e6f94049e35657520772b88ed4484dbc1578dcd09b53fe95ac9d9407be Loading...

	www.megawinner.xyz/dl/all/offer/sub/download/?tid=62pwkhksz99pjsmet6wgsg8w4,17594783,5,6304&ctrack=1713977666.346696040&p=6304&click_id=&media_type=mainstream	1.0 kB	2024-02-16	2024-05-05
Pretty URL www.megawinner.xyz/dl/all/offer/sub/download/?tid=62pwkhksz99pjsmet6wgsg8w4,17594783,5,6304&ctrack=1713977666.346696040&p=6304&click_id=&media_type=mainstream IP 94.237.92.126 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-16 08:45:33 Last Seen2024-05-05 16:07:19 Times Seen12 Hash b2b69053f9244f3b84a4fa18acd4f2fa b8e92bb4d2847c92dd0ff98a733a0712955575bc 21072322a4c5c1076425b483f8e8ca1c5be9b7848f163bc9ea62cd379db10a48 Loading...

	www.megawinner.xyz/dl/all/offer/sub/download/?tid=62pwkhksz99pjsmet6wgsg8w4,17594783,5,6304&ctrack=1713977666.346696040&p=6304&click_id=&media_type=mainstream	2.1 kB	2024-04-24	2024-04-24
Pretty URL www.megawinner.xyz/dl/all/offer/sub/download/?tid=62pwkhksz99pjsmet6wgsg8w4,17594783,5,6304&ctrack=1713977666.346696040&p=6304&click_id=&media_type=mainstream IP 94.237.92.126 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 18:54:57 Last Seen2024-04-24 18:54:57 Times Seen1 Hash 4ec4fad6215e7288629bd452eb44baf6 0d0ea4934ac4d4b1696767dd6b7c2a02c9c20e98 e0d9c81dbac00510f1749bf1b71c9d6e96cefbc02a666a1a6b05fecac374490f Loading...

HTTP Transactions (4)

	URL	IP	Response	Size
	ld123.g2afse.com/click?pid=76&offer_id=8084&sub1=90c00070521ac263f7020905&sub2=1689_	34.90.14.205	302 Found	0 B
URL User Request GET HTTP/2 ld123.g2afse.com/click?pid=76&offer_id=8084&sub1=90c00070521ac263f7020905&sub2=1689_ IP 34.90.14.205:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Certificate IssuerDigiCert Inc Subject.g2afse.com Fingerprint3A:C2:12:6C:59:0C:A9:12:C1:47:C8:05:B6:0F:75:69:7A:76:D6:85 ValidityMon, 28 Aug 2023 00:00:00 GMT - Wed, 04 Sep 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /click?pid=76&offer_id=8084&sub1=90c00070521ac263f7020905&sub2=1689_ HTTP/1.1 Host: ld123.g2afse.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 302 Found server: nginx date: Wed, 24 Apr 2024 16:54:25 GMT content-length: 0 location: https://12665a401041.tc2qwerty.com/?p=6304&media_type=mainstream&click_id= x-adjust-use-original-forwarded-for: 1 access-control-allow-origin: X-Firefox-Spdy: h2`

	vezeklet.pro/o?k=69acf76fb48bf7e6	46.4.172.148	302 Found	62 kB
URL User Request GET HTTP/2 vezeklet.pro/o?k=69acf76fb48bf7e6 IP 46.4.172.148:443 ASN #24940 Hetzner Online GmbH Certificate IssuerLet's Encrypt Subjectvezeklet.pro FingerprintD1:5F:54:36:A9:AE:99:FC:BD:70:8F:D3:80:7D:55:81:75:A2:6E:F0 ValiditySat, 06 Apr 2024 23:21:09 GMT - Fri, 05 Jul 2024 23:21:08 GMT File type Size 62 kB (61454 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /o?k=69acf76fb48bf7e6 HTTP/1.1 Host: vezeklet.pro User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 302 Found server: nginx/1.20.2 date: Wed, 24 Apr 2024 16:54:25 GMT content-type: text/html; charset=UTF-8 location: https://ld123.g2afse.com/click?pid=76&offer_id=8084&sub1=90c00070521ac263f7020905&sub2=1689_ x-powered-by: PHP/8.1.27 referrer-policy: no-referrer set-cookie: aff_tds_id=cb01d03497b5257d489e450fca70d691dc43763b94918ab05922168281b69429a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22aff_tds_id%22%3Bi%3A1%3Bs%3A16%3A%226ba85f899b4fb0b4%22%3B%7D; expires=Wed, 24-Apr-2024 20:59:59 GMT; Max-Age=14734; path=/; HttpOnly; SameSite=Lax expires: Wed, 24 Apr 2024 16:54:24 GMT cache-control: no-cache X-Firefox-Spdy: h2

	12665a401041.tc2qwerty.com/?p=6304&media_type=mainstream&click_id=	94.237.92.107	302 Found	62 kB
URL User Request GET HTTP/2 12665a401041.tc2qwerty.com/?p=6304&media_type=mainstream&click_id= IP 94.237.92.107:443 ASN #202053 UpCloud Ltd Certificate IssuerLet's Encrypt Subjecttc2qwerty.com Fingerprint51:BA:BF:DA:16:EE:8D:B0:DA:AB:E1:50:33:DC:6B:D1:E5:0C:A4:E6 ValidityFri, 05 Apr 2024 21:39:44 GMT - Thu, 04 Jul 2024 21:39:43 GMT File type Size 62 kB (61454 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /?p=6304&media_type=mainstream&click_id= HTTP/1.1 Host: 12665a401041.tc2qwerty.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found date: Wed, 24 Apr 2024 16:54:26 GMT content-type: text/html; charset=UTF-8 set-cookie: rts-trck=1; expires=Wed, 24 Apr 2024 17:04:26 GMT; Max-Age=600; path=/; domain=12665a401041.tc2qwerty.com t-uuid=62pwkhkt12ndhxgmktfeocoos; expires=Mon, 24 Apr 2034 16:54:26 GMT; Max-Age=315532800; path=/; domain=.tc2qwerty.com rts-trck=1; expires=Wed, 24 Apr 2024 17:04:26 GMT; Max-Age=600; path=/; domain=12665a401041.tc2qwerty.com traffic-visited-domain=megawinner.xyz; expires=Fri, 24 May 2024 16:54:26 GMT; Max-Age=2592000; path=/; domain=.tc2qwerty.com traffic-back=ok; expires=Wed, 24 Apr 2024 16:54:56 GMT; Max-Age=30; path=/; domain=.tc2qwerty.com location: https://www.megawinner.xyz/dl/all/offer/sub/download/?tid=62pwkhksz99pjsmet6wgsg8w4,17594783,5,6304&ctrack=1713977666.346696040&p=6304&click_id=&media_type=mainstream X-Firefox-Spdy: h2

	www.megawinner.xyz/dl/all/offer/sub/download/?tid=62pwkhksz99pjsmet6wgsg8w4,17594783,5,6304&ctrack=1713977666.346696040&p=6304&click_id=&media_type=mainstream	94.237.92.126	200 OK	62 kB
URL User Request GET HTTP/2 www.megawinner.xyz/dl/all/offer/sub/download/?tid=62pwkhksz99pjsmet6wgsg8w4,17594783,5,6304&ctrack=1713977666.346696040&p=6304&click_id=&media_type=mainstream IP 94.237.92.126:443 ASN #202053 UpCloud Ltd Certificate IssuerLet's Encrypt Subject.megawinner.xyz FingerprintE1:3F:35:F8:78:45:55:BE:FA:4F:C2:BE:D0:9B:8A:89:8A:6E:FE:37 ValidityFri, 19 Apr 2024 07:20:12 GMT - Thu, 18 Jul 2024 07:20:11 GMT File type Size 62 kB (61454 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /dl/all/offer/sub/download/?tid=62pwkhksz99pjsmet6wgsg8w4,17594783,5,6304&ctrack=1713977666.346696040&p=6304&click_id=&media_type=mainstream HTTP/1.1 Host: www.megawinner.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK content-type: text/html; charset=UTF-8 vary: Accept-Encoding cache-control: no-cache, private date: Wed, 24 Apr 2024 16:54:26 GMT content-encoding: gzip X-Firefox-Spdy: h2`