Overview

URL www.konnect.travel/Mailers/2023/march/images/konnect-logo.png%5C
IP 54.246.234.186 (Ireland)
ASN #16509 AMAZON-02
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access public
Report completed 2023-05-26 05:45:24 UTC
IDS alerts0
Blocklist alert3
urlquery alerts No alerts detected
Tags None

Domain Summary (2)

Fully Qualifying Domain Name Rank First Seen Last Seen Sent bytes Received bytes IP Comment
www.konnect.travel (2) 0 2016-02-01 13:12:19 2023-03-17 12:27:14 956 1821 54.246.234.186
www.www.konnect.travel (1) 0 No data No data 524 0 0.0.0.0

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2023-05-26 medium www.konnect.travel/Mailers/2023/march/images/konnect-logo.png%5C Spam
2023-05-26 medium www.konnect.travel/Mailers/2023/march/images/konnect-logo.png%5C Spam
2023-05-26 medium www.www.konnect.travel/Mailers/2023/march/images/konnect-logo.png/ Spam

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected

ThreatFox
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 54.246.234.186
Date UQ / IDS / BL URL IP
2023-05-26 05:45:24 UTC 0 - 0 - 3 www.konnect.travel/Mailers/2023/march/images/ (...) 54.246.234.186


Last 5 reports on ASN: AMAZON-02
Date UQ / IDS / BL URL IP
2023-06-06 05:41:01 UTC 0 - 1 - 0 www.prosoltecnologia.com.br/arquivos/aa_v3.exe 52.67.55.174
2023-06-06 05:38:40 UTC 0 - 27 - 0 jisin.jp/life/health/1645018/ 54.230.111.62
2023-06-06 05:33:38 UTC 0 - 2 - 14 ww25.anpmnmxo.biz/kvvd?subid1=20230606-1525-3 (...) 199.59.243.223
2023-06-06 05:33:37 UTC 0 - 2 - 14 ww25.anpmnmxo.biz/asigp?subid1=20230606-1525- (...) 199.59.243.223
2023-06-06 05:33:02 UTC 0 - 2 - 0 tloma.member365.com/ecommunication/api/click/ (...) 44.224.141.59


Last 1 reports on domain: konnect.travel
Date UQ / IDS / BL URL IP
2023-05-26 05:45:24 UTC 0 - 0 - 3 www.konnect.travel/Mailers/2023/march/images/ (...) 54.246.234.186


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-06-06 04:59:37 UTC 0 - 0 - 1 dl6.files2get.com/software/soft2/wersje/mail- (...) 217.144.201.38
2023-06-06 04:57:35 UTC 0 - 0 - 1 dl6.files2get.com/software/soft2/wersje/mail- (...) 217.144.201.38
2023-06-06 04:49:25 UTC 0 - 0 - 1 dl6.files2get.com/software/soft2/wersje/chrom (...) 217.144.201.38
2023-06-06 04:47:25 UTC 0 - 0 - 1 dl6.files2get.com/software/soft2/wersje/chrom (...) 217.144.201.38
2023-06-06 02:13:30 UTC 0 - 0 - 1 bonuscanavari.com/20.08.2018-9795730888.zip 172.67.184.173

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (3)


Request Response
GET /Mailers/2023/march/images/konnect-logo.png%5C HTTP/1.1
Host: www.konnect.travel
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

54.246.234.186
HTTP/2 404 Not Found
content-type: text/html
x-powered-by: ASP.NET
date: Fri, 26 May 2023 05:46:09 GMT
content-length: 1245
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   1245
Md5:    5343c1a8b203c162a3bf3870d9f50fd4
Sha1:   04b5b886c20d88b57eea6d8ff882624a4ac1e51d
Sha256: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Blocklists:
  - fortinet: Spam

GET /Mailers/2023/march/images/konnect-logo.png%5C HTTP/1.1
Host: www.konnect.travel
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

54.246.234.186
HTTP/1.1 302 Redirect
Content-Type: text/html; charset=UTF-8
Location: https://www.www.konnect.travel/Mailers/2023/march/images/konnect-logo.png/
X-Powered-By: ASP.NET
Date: Fri, 26 May 2023 05:46:09 GMT
Content-Length: 197


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   197
Md5:    3df59d75620381d706ec732aadbae19f
Sha1:   578848e2b84fa60ae68beaca24cdadadb6a8fe6b
Sha256: e545e753c003eab15c7e7ffc3f51692305ebb4069d8ac90a687ac3b2638a925c

Blocklists:
  - fortinet: Spam

GET /Mailers/2023/march/images/konnect-logo.png/ HTTP/1.1
Host: www.www.konnect.travel
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Blocklists:
  - fortinet: Spam