Report - vk.com/away.php?to=https://sigtn.com////////utils/emt.cfm?client_id=9195153&campaign_id=73466&link=neoparts.com.br/driz/cz8w/cm95c2VjaXR5QGNvcmVhbmRtYWluLmNvbQ==$

Report Overview

Submitted URL
vk.com/away.php?to=https://sigtn.com////////utils/emt.cfm?client_id=9195153&campaign_id=73466&link=neoparts.com.br/driz/cz8w/cm95c2VjaXR5QGNvcmVhbmRtYWluLmNvbQ==$
IP
87.240.129.133
ASN
#47541 VKontakte Ltd
Submitted
2024-05-11 00:32:56
Access
public
Website Title
sigtn.com/SigNet/index.cfm/EMC/ClientResponses/Tracking?link=&clientID=9195153&campaignID=0&responseType=client
Final URL
www.sigtn.com/SigNet/index.cfm/EMC/ClientResponses/Tracking?link=&clientID=9195153&campaignID=0&responseType=client
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
vk.com	2243	unknown	No data	No data	616 B	1.1 kB	87.240.132.67
away.vk.com	92855	unknown	No data	No data	1.3 kB	6.4 kB	87.240.132.67
sigtn.com	804423	unknown	No data	No data	526 B	199 B	45.60.63.178
www.sigtn.com	991771	unknown	No data	No data	2.3 kB	5.0 kB	45.60.65.178

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-11 00:10:39	high	Client IP	27.219.63.253	URLhaus Known malware download URL detected (2832005)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (7)

	URL	IP	Response	Size
	vk.com/away.php?to=https://sigtn.com////////utils/emt.cfm?client_id=9195153&campaign_id=73466&link=neoparts.com.br/driz/cz8w/cm95c2VjaXR5QGNvcmVhbmRtYWluLmNvbQ==$	87.240.132.67		20 B
URL vk.com/away.php?to=https://sigtn.com////////utils/emt.cfm?client_id=9195153&campaign_id=73466&link=neoparts.com.br/driz/cz8w/cm95c2VjaXR5QGNvcmVhbmRtYWluLmNvbQ==$ IP 87.240.132.67:0 ASN #47541 VKontakte Ltd File type gzip compressed data, from Unix Size 20 B (20 bytes) Hash 7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2 HTTP Headers GET /away.php?to=https://sigtn.com////////utils/emt.cfm?client_id=9195153&campaign_id=73466&link=neoparts.com.br/driz/cz8w/cm95c2VjaXR5QGNvcmVhbmRtYWluLmNvbQ==$ HTTP/1.1 Host: vk.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found server: kittenx date: Sat, 11 May 2024 00:10:42 GMT content-type: text/html; charset=windows-1251 content-length: 20 location: https://away.vk.com/away.php?rh=5963bd78-26ed-4b8f-a99f-e40b22357d06 x-powered-by: KPHP/7.4.116719 set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly remixlang=3; expires=Sat, 10 May 2025 23:44:01 GMT; path=/; domain=.vk.com remixstlid=9086888608191341017_nJ0kz8PT6OQLnNTZnd72jmjNPiJDsYGuqboiAZeZv3T; expires=Sun, 11 May 2025 00:10:42 GMT; path=/; domain=.vk.com; secure remixsec_redir=https%3A%2F%2Fsigtn.com%2Futils%2Femt.cfm%3Fclient_id%3D9195153; path=/; domain=.vk.com remixua=-1%7C-1%7C331%7C3502452718; expires=Fri, 09 May 2025 04:42:48 GMT; path=/; domain=.vk.com; secure cache-control: no-store x-frame-options: DENY content-encoding: gzip x-frontend: front918400 strict-transport-security: max-age=15768000 access-control-expose-headers: X-Frontend origin-agent-cluster: ?0 x-trace-id: zv7YG64g6UesrTPjh-r4BTrrMIi9-A X-Firefox-Spdy: h2

	away.vk.com/away.php?rh=5963bd78-26ed-4b8f-a99f-e40b22357d06	87.240.132.67		287 B
URL away.vk.com/away.php?rh=5963bd78-26ed-4b8f-a99f-e40b22357d06 IP 87.240.132.67:0 ASN #47541 VKontakte Ltd File type HTML document, ASCII text, with very long lines (494), with no line terminators Size 287 B (287 bytes) Hash c4a44d202a1f535acf2918647afe0987 13f86486601ee096101929299301a8d12419b571 a828a9a6fa0796221286c88d8b3f8f9465ac7adee3771a19e72840839026881a HTTP Headers GET /away.php?rh=5963bd78-26ed-4b8f-a99f-e40b22357d06 HTTP/1.1 Host: away.vk.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: remixlang=3; remixstlid=9086888608191341017_nJ0kz8PT6OQLnNTZnd72jmjNPiJDsYGuqboiAZeZv3T; remixsec_redir=https%3A%2F%2Fsigtn.com%2Futils%2Femt.cfm%3Fclient_id%3D9195153; remixua=-1%7C-1%7C331%7C3502452718 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK server: kittenx date: Sat, 11 May 2024 00:10:42 GMT content-type: text/html; charset=windows-1251 content-length: 287 x-powered-by: KPHP/7.4.116719 set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly remixsec_redir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; domain=.vk.com remixsec_redir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=away.vk.com remixsec_redir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/ cache-control: no-store x-frame-options: DENY content-encoding: gzip x-frontend: front918400 access-control-expose-headers: X-Frontend x-trace-id: _QEyiRgSBa-i8kdjfIl8CrO-pcyTCA X-Firefox-Spdy: h2

	away.vk.com/favicon.ico	87.240.132.67		4.9 kB
URL away.vk.com/favicon.ico IP 87.240.132.67:0 ASN #47541 VKontakte Ltd File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced Size 4.9 kB (4944 bytes) Hash d41fa4f682279a0c77159080255b3b9e 7cdf65f129f33ddf76146c9fc0bb30bb80d25065 25dfe61842345c39cb13beeee5b921cfe1c16b5f774067416728f8046c56f925 HTTP Headers GET /favicon.ico HTTP/1.1 Host: away.vk.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://away.vk.com/ DNT: 1 Connection: keep-alive Cookie: remixlang=3; remixstlid=9086888608191341017_nJ0kz8PT6OQLnNTZnd72jmjNPiJDsYGuqboiAZeZv3T; remixua=-1%7C-1%7C331%7C3502452718 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: kittenx date: Sat, 11 May 2024 00:10:42 GMT content-type: image/x-icon content-length: 4944 last-modified: Tue, 05 Apr 2022 13:13:01 GMT etag: "624c405d-1350" expires: Sat, 18 May 2024 00:10:42 GMT cache-control: max-age=604800 x-frontend: front918400 access-control-expose-headers: X-Frontend x-trace-id: yP8K_kycWPEfSETYNnlVQg3TfgJanQ accept-ranges: bytes X-Firefox-Spdy: h2`

	sigtn.com/utils/emt.cfm?client_id=9195153	45.60.63.178	301 Moved Permanently	0 B
URL User Request GET HTTP/1.1 sigtn.com/utils/emt.cfm?client_id=9195153 IP 45.60.63.178:443 ASN #19551 INCAPSULA Certificate IssuerDigiCert Inc Subject.signaturetravelnetwork.com FingerprintBE:4C:00:DB:B9:48:2D:45:F6:D5:9F:F6:F1:73:FD:72:30:9A:B7:CB ValidityTue, 29 Aug 2023 00:00:00 GMT - Sat, 28 Sep 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /utils/emt.cfm?client_id=9195153 HTTP/1.1 Host: sigtn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://away.vk.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 301 Moved Permanently Location: https://www.sigtn.com/utils/emt.cfm?client_id=9195153 Content-Length: 0 Strict-Transport-Security: max-age=31536000; includeSubDomains Connection: close`

	www.sigtn.com/utils/emt.cfm?client_id=9195153	45.60.65.178	302 Found	0 B
URL User Request GET HTTP/1.1 www.sigtn.com/utils/emt.cfm?client_id=9195153 IP 45.60.65.178:443 ASN #19551 INCAPSULA Certificate IssuerDigiCert Inc Subject.signaturetravelnetwork.com FingerprintBE:4C:00:DB:B9:48:2D:45:F6:D5:9F:F6:F1:73:FD:72:30:9A:B7:CB ValidityTue, 29 Aug 2023 00:00:00 GMT - Sat, 28 Sep 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /utils/emt.cfm?client_id=9195153 HTTP/1.1 Host: www.sigtn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://away.vk.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Cache-Control: no-cache Pragma: no-cache Content-Type: text/html;charset=UTF-8 Location: /SigNet/index.cfm/EMC/ClientResponses/Tracking?link=&clientID=9195153&campaignID=0&responseType=client Server: Microsoft-IIS/10.0 Set-Cookie: CFID=153143092; Expires=Mon, 04-May-2054 00:10:43 GMT; Path=/; HttpOnly CFTOKEN=21649426; Expires=Mon, 04-May-2054 00:10:43 GMT; Path=/; HttpOnly NSC_MC_172.24.100.46_443=7ce2a3d91ca59d11abf6e834e51f905d9087f8bdec85849549be4a11dc6decfc4e690631;Version=1;Max-Age=7200;path=/;secure;httponly visid_incap_1371828=7zxXGSLMQhGoyVQBqnlgCIK3PmYAAAAAQUIPAAAAAACX5ZFjMXuC+Kl+20RYG9Yy; expires=Sat, 10 May 2025 22:58:43 GMT; HttpOnly; path=/; Domain=.sigtn.com; Secure; SameSite=None incap_ses_7235_1371828=BnaSAf64uRJeCsAnNOJnZIK3PmYAAAAAyMgvbFS819dg41vxGeou3Q==; path=/; Domain=.sigtn.com; Secure; SameSite=None X-Powered-By: ASP.NET Referrer-Policy: no-referrer-when-downgrade Date: Sat, 11 May 2024 00:10:42 GMT Content-Length: 0 X-Forwarded-For: 91.90.42.154 x-incap-sess-cookie-hdr: ufk7c0wa1BBeCsAnNOJnZIK3PmYAAAAAhVXNX1d41Wzfxxx7cvj4gA== Strict-Transport-Security: max-age=31536000; includeSubDomains X-CDN: Imperva X-Iinfo: 7-6703627-6703628 NNNY CT(171 172 0) RT(1715386242690 29) q(0 0 0 0) r(1 1) U24

	www.sigtn.com/SigNet/index.cfm/EMC/ClientResponses/Tracking?link=&clientID=9195153&campaignID=0&responseType=client	45.60.65.178	302 Found	0 B
URL User Request GET HTTP/1.1 www.sigtn.com/SigNet/index.cfm/EMC/ClientResponses/Tracking?link=&clientID=9195153&campaignID=0&responseType=client IP 45.60.65.178:443 ASN #19551 INCAPSULA Certificate IssuerDigiCert Inc Subject.signaturetravelnetwork.com FingerprintBE:4C:00:DB:B9:48:2D:45:F6:D5:9F:F6:F1:73:FD:72:30:9A:B7:CB ValidityTue, 29 Aug 2023 00:00:00 GMT - Sat, 28 Sep 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /SigNet/index.cfm/EMC/ClientResponses/Tracking?link=&clientID=9195153&campaignID=0&responseType=client HTTP/1.1 Host: www.sigtn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://away.vk.com/ DNT: 1 Connection: keep-alive Cookie: CFID=153143092; CFTOKEN=21649426; NSC_MC_172.24.100.46_443=7ce2a3d91ca59d11abf6e834e51f905d9087f8bdec85849549be4a11dc6decfc4e690631; visid_incap_1371828=7zxXGSLMQhGoyVQBqnlgCIK3PmYAAAAAQUIPAAAAAACX5ZFjMXuC+Kl+20RYG9Yy; incap_ses_7235_1371828=BnaSAf64uRJeCsAnNOJnZIK3PmYAAAAAyMgvbFS819dg41vxGeou3Q== Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Cache-Control: no-cache Pragma: no-cache Content-Type: text/html;charset=UTF-8 Server: Microsoft-IIS/10.0 X-Powered-By: ASP.NET Referrer-Policy: no-referrer-when-downgrade Date: Sat, 11 May 2024 00:10:42 GMT Content-Length: 0 X-Forwarded-For: 91.90.42.154 Set-Cookie: NSC_MC_172.24.100.46_443=7ce2a3d91ca59d11abf6e834e51f905d9087f8bdec85849549be4a11dc6decfc4e690631;Version=1;Max-Age=7200;path=/;secure;httponly x-incap-sess-cookie-hdr: NXuKBsGPs21eCsAnNOJnZIO3PmYAAAAA77z9iUeqNxAkJ8tboGuulg== Strict-Transport-Security: max-age=31536000; includeSubDomains X-CDN: Imperva X-Iinfo: 7-6703627-6703628 SNNy RT(1715386242690 234) q(0 0 0 -1) r(2 2) U24

	www.sigtn.com/favicon.ico	45.60.65.178	200 OK	2.4 kB
URL GET HTTP/1.1 www.sigtn.com/favicon.ico IP 45.60.65.178:443 ASN #19551 INCAPSULA Requested by https://www.sigtn.com/SigNet/index.cfm/EMC/ClientResponses/Tracking?link=&clientID=9195153&campaignID=0&responseType=client Certificate IssuerDigiCert Inc Subject.signaturetravelnetwork.com FingerprintBE:4C:00:DB:B9:48:2D:45:F6:D5:9F:F6:F1:73:FD:72:30:9A:B7:CB ValidityTue, 29 Aug 2023 00:00:00 GMT - Sat, 28 Sep 2024 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3 Size 2.4 kB (2429 bytes) Hash b2bc9d8ee25b0e2690a304d5ae1f71a4 f18bd32c11250e91a8876df1afc273a3dfefaf17 0c74eb24236b3c485a34ad5774b98d473501dcc5db51b5947842d29ccb34ad89 HTTP Headers GET /favicon.ico HTTP/1.1 Host: www.sigtn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.sigtn.com/SigNet/index.cfm/EMC/ClientResponses/Tracking?link=&clientID=9195153&campaignID=0&responseType=client DNT: 1 Connection: keep-alive Cookie: CFID=153143092; CFTOKEN=21649426; NSC_MC_172.24.100.46_443=7ce2a3d91ca59d11abf6e834e51f905d9087f8bdec85849549be4a11dc6decfc4e690631; visid_incap_1371828=7zxXGSLMQhGoyVQBqnlgCIK3PmYAAAAAQUIPAAAAAACX5ZFjMXuC+Kl+20RYG9Yy; incap_ses_7235_1371828=BnaSAf64uRJeCsAnNOJnZIK3PmYAAAAAyMgvbFS819dg41vxGeou3Q== Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Content-Type: image/x-icon Last-Modified: Fri, 16 Dec 2022 18:03:26 GMT Accept-Ranges: bytes ETag: "7677bfb17811d91:0" Server: Microsoft-IIS/10.0 X-Powered-By: ASP.NET Referrer-Policy: no-referrer-when-downgrade Date: Sat, 11 May 2024 00:10:42 GMT Content-Length: 2429 X-Forwarded-For: 91.90.42.154 Set-Cookie: NSC_MC_172.24.100.46_443=7ce2a3d91ca59d11abf6e834e51f905d9087f8bdec85849549be4a11dc6decfc4e690631;Version=1;Max-Age=7200;path=/;secure;httponly Strict-Transport-Security: max-age=31536000; includeSubDomains X-CDN: Imperva X-Iinfo: 7-6703627-6703628 SNNy RT(1715386242690 649) q(0 0 0 -1) r(2 2) U24

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (7)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash