Report - leadgainz.com/click?key=c9f781595408f20e09a7&pub_click_id=BpLSMREAAAGXWwQNbgAABo0AAAB3AAAAAAAAAABqAAAAFfs&pub_sub_id=119_ec317bf7-df15-4bea-af5d-2f5abfe116f8

Report Overview

Visited public
2025-06-10 19:48:01
Tags
suspicious
Submit Tags
URL
leadgainz.com/click?key=c9f781595408f20e09a7&pub_click_id=BpLSMREAAAGXWwQNbgAABo0AAAB3AAAAAAAAAABqAAAAFfs&pub_sub_id=119_ec317bf7-df15-4bea-af5d-2f5abfe116f8_6ad58e26
Finishing URL
betspintrack.com/cc93944b6d47b852/
IP / ASN
159.89.47.245
#14061 DIGITALOCEAN-ASN
Title
Secure File Download
Suspicious - Anti-debugging code

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
betspintrack.com	unknown	2024-09-03	2025-05-30	2025-06-07	991 B	21 kB	188.166.82.118
leadgainz.com	unknown	2022-11-25	2023-07-09	2025-06-08	2.5 kB	108 kB	159.89.47.245

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	From	Size	First Seen	Last Seen
	betspintrack.com/cc93944b6d47b852/	ScriptElement	3.8 kB	2025-05-30	2025-06-10
Pretty URL betspintrack.com/cc93944b6d47b852/ IP 188.166.82.118 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-30 09:32 Last Seen2025-06-10 19:48 Times Seen14 Hash 988f2008b493da2264343cbd38ec2143 9b006d7a58514302ac994f6c49672ddfc1bba685 1eb583a41c9e13f4f87bbf9c2e182c91f72e0499c4476fa40b798ac773e29aaf Loading...

	leadgainz.com/click?key=c9f781595408f20e09a7&pub_click_id=BpLSMREAAAGXWwQNbgAABo0AAAB3AAAAAAAAAABqAAAAFfs&pub_sub_id=119_ec317bf7-df15-4bea-af5d-2f5abfe116f8_6ad58e26	ScriptElement	87 kB	2025-06-10	2025-06-10
Pretty URL leadgainz.com/click?key=c9f781595408f20e09a7&pub_click_id=BpLSMREAAAGXWwQNbgAABo0AAAB3AAAAAAAAAABqAAAAFfs&pub_sub_id=119_ec317bf7-df15-4bea-af5d-2f5abfe116f8_6ad58e26 IP 159.89.47.245 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-10 19:48 Last Seen2025-06-10 19:48 Times Seen1 Hash 243418f2ae83da6a45ef0dabe8f1c3b8 c36b3661f316809bbade3374b2e6116f4e9b6f5f ffd3da5e80000cd13cab4118ceb433ea2a0d377bd4dbaf5a824beb823c073926 Loading...

	betspintrack.com/cc93944b6d47b852/	ScriptElement	1.9 kB	2025-05-30	2025-06-19
Pretty URL betspintrack.com/cc93944b6d47b852/ IP 188.166.82.118 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-30 09:32 Last Seen2025-06-19 15:54 Times Seen21 Hash 5f4523c5a589c598f480bd91c8f5f964 80ad77bdc50459bd8b97efda887999458f0c9a71 1826559907b2dd0ab7f3671d3ab009bf272f5a0db2e6bd8feaf457cb6cedba2d Loading...

HTTP Transactions (5)

URL IP Response Size

GET betspintrack.com/cc93944b6d47b852/

188.166.82.118

200 OK

20 kB

URL User Request GET
betspintrack.com/cc93944b6d47b852/
IP
188.166.82.118:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectbetspintrack.com
FingerprintAD:B2:54:6C:8B:B3:00:1C:CF:45:F3:C1:FC:72:D2:6E:B2:D1:42:5E
ValidityTue, 20 May 2025 14:21:33 GMT - Mon, 18 Aug 2025 14:21:32 GMT

File type
HTML document, ASCII text
Size
20 kB (20293 bytes)
Hash
237bb1ebaa712ca626ac34e7055f92a1
9d67b9704d2167481f1576908a8b560959a6bf11
cc0786c651eca85d399d51e2bd9b98a7be9abb2f189f08c7afff4443b0524cbe

HTTP Headers

GET /cc93944b6d47b852/ HTTP/1.1
Host: betspintrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leadgainz.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 10 Jun 2025 19:47:40 GMT
content-type: text/html
last-modified: Fri, 23 May 2025 10:24:39 GMT
vary: Accept-Encoding
etag: W/"68304ce7-4f45"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
referrer-policy: same-origin
alt-svc: h3=":443"; ma=86400
content-encoding: br
X-Firefox-Spdy: h2

GET betspintrack.com/favicon.ico

188.166.82.118

404 Not Found

146 B

URL GET
betspintrack.com/favicon.ico
IP
188.166.82.118:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://betspintrack.com/cc93944b6d47b852/
Certificate
IssuerLet's Encrypt
Subjectbetspintrack.com
FingerprintAD:B2:54:6C:8B:B3:00:1C:CF:45:F3:C1:FC:72:D2:6E:B2:D1:42:5E
ValidityTue, 20 May 2025 14:21:33 GMT - Mon, 18 Aug 2025 14:21:32 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: betspintrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://betspintrack.com/cc93944b6d47b852/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Tue, 10 Jun 2025 19:47:40 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

GET leadgainz.com/click?key=c9f781595408f20e09a7&pub_click_id=BpLSMREAAAGXWwQNbgAABo0AAAB3AAAAAAAAAABqAAAAFfs&pub_sub_id=119_ec317bf7-df15-4bea-af5d-2f5abfe116f8_6ad58e26

159.89.47.245

200 OK

87 kB

URL User Request GET
leadgainz.com/click?key=c9f781595408f20e09a7&pub_click_id=BpLSMREAAAGXWwQNbgAABo0AAAB3AAAAAAAAAABqAAAAFfs&pub_sub_id=119_ec317bf7-df15-4bea-af5d-2f5abfe116f8_6ad58e26
IP
159.89.47.245:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectleadgainz.com
Fingerprint2A:C1:8F:E4:23:4F:B0:B3:AF:5D:84:D7:29:B9:24:8D:76:D5:84:6D
ValiditySun, 25 May 2025 11:56:23 GMT - Sat, 23 Aug 2025 11:56:22 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (65232)
Size
87 kB (87337 bytes)
Hash
4595ac90490b4b6631c6c3d15687585e
f9c7753ff964c36dd57aeb96dd95ff4a3697ef3f
d029c5c0ad360f8789835ba564d25535533399b3fd8ada04ea04c506dad29ac7

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Anti-debugging code

HTTP Headers

GET /click?key=c9f781595408f20e09a7&pub_click_id=BpLSMREAAAGXWwQNbgAABo0AAAB3AAAAAAAAAABqAAAAFfs&pub_sub_id=119_ec317bf7-df15-4bea-af5d-2f5abfe116f8_6ad58e26 HTTP/1.1
Host: leadgainz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Tue, 10 Jun 2025 19:47:39 GMT
server: Caddy
x-request-id: 9be6b26f-d656-4571-8bc2-eb2d75d84877
X-Firefox-Spdy: h2

GET leadgainz.com/favicon.ico

159.89.47.245

404 Not Found

153 B

URL GET
leadgainz.com/favicon.ico
IP
159.89.47.245:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://leadgainz.com/click?key=c9f781595408f20e09a7&pub_click_id=BpLSMREAAAGXWwQNbgAABo0AAAB3AAAAAAAAAABqAAAAFfs&pub_sub_id=119_ec317bf7-df15-4bea-af5d-2f5abfe116f8_6ad58e26
Certificate
IssuerLet's Encrypt
Subjectleadgainz.com
Fingerprint2A:C1:8F:E4:23:4F:B0:B3:AF:5D:84:D7:29:B9:24:8D:76:D5:84:6D
ValiditySun, 25 May 2025 11:56:23 GMT - Sat, 23 Aug 2025 11:56:22 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
153 B (153 bytes)
Hash
841102042dfedb8a9dcc0e6a9966307f
313ea8da3498deebf7f443093638df7501ce60c6
6ad407809dc8e6d079dfbd21823508dffb897b97a27eb8ae43acbea1b7c8df0d

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: leadgainz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://leadgainz.com/click?key=c9f781595408f20e09a7&pub_click_id=BpLSMREAAAGXWwQNbgAABo0AAAB3AAAAAAAAAABqAAAAFfs&pub_sub_id=119_ec317bf7-df15-4bea-af5d-2f5abfe116f8_6ad58e26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
date: Tue, 10 Jun 2025 19:47:39 GMT
server: Caddy, nginx/1.21.6
content-length: 153
X-Firefox-Spdy: h2

GET leadgainz.com/click?key=c9f781595408f20e09a7&pub_click_id=BpLSMREAAAGXWwQNbgAABo0AAAB3AAAAAAAAAABqAAAAFfs&pub_sub_id=119_ec317bf7-df15-4bea-af5d-2f5abfe116f8_6ad58e26&__bjs=eyJiIjp7ImpzIjoxLCJjIjoxLCJtIjowLCJtY2YiOjAsImJhIjoxLCJtcDQiOjEsIm10IjowLCJ0eiI6MCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMzQuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMzQuMCIsInAiOiJMaW51eCJ9LCJhIjp7ImMxIjowLCJ3IjowLCJjdyI6MCwiYWUiOjAsInRzIjowfSwid2ciOnsiciI6Imxsdm1waXBlIiwiZSI6ZmFsc2V9LCJzIjp7InNyIjoiMTI4MHgxMDI0IiwiYXMiOiIxMjgweDEwMjQiLCJpdyI6IjEyODB4MTAyNCIsIm93IjoiMTI4MHgxMDI0In0sIm4iOnsiZSI6MX0sImgiOnsiaGMiOjQ4LCJrbCI6IjAifSwiZiI6MH0=

159.89.47.245

307 Temporary Redirect

20 kB

URL User Request GET
leadgainz.com/click?key=c9f781595408f20e09a7&pub_click_id=BpLSMREAAAGXWwQNbgAABo0AAAB3AAAAAAAAAABqAAAAFfs&pub_sub_id=119_ec317bf7-df15-4bea-af5d-2f5abfe116f8_6ad58e26&__bjs=eyJiIjp7ImpzIjoxLCJjIjoxLCJtIjowLCJtY2YiOjAsImJhIjoxLCJtcDQiOjEsIm10IjowLCJ0eiI6MCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMzQuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMzQuMCIsInAiOiJMaW51eCJ9LCJhIjp7ImMxIjowLCJ3IjowLCJjdyI6MCwiYWUiOjAsInRzIjowfSwid2ciOnsiciI6Imxsdm1waXBlIiwiZSI6ZmFsc2V9LCJzIjp7InNyIjoiMTI4MHgxMDI0IiwiYXMiOiIxMjgweDEwMjQiLCJpdyI6IjEyODB4MTAyNCIsIm93IjoiMTI4MHgxMDI0In0sIm4iOnsiZSI6MX0sImgiOnsiaGMiOjQ4LCJrbCI6IjAifSwiZiI6MH0=
IP
159.89.47.245:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectleadgainz.com
Fingerprint2A:C1:8F:E4:23:4F:B0:B3:AF:5D:84:D7:29:B9:24:8D:76:D5:84:6D
ValiditySun, 25 May 2025 11:56:23 GMT - Sat, 23 Aug 2025 11:56:22 GMT

File type

Size
20 kB (20293 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?key=c9f781595408f20e09a7&pub_click_id=BpLSMREAAAGXWwQNbgAABo0AAAB3AAAAAAAAAABqAAAAFfs&pub_sub_id=119_ec317bf7-df15-4bea-af5d-2f5abfe116f8_6ad58e26&__bjs=eyJiIjp7ImpzIjoxLCJjIjoxLCJtIjowLCJtY2YiOjAsImJhIjoxLCJtcDQiOjEsIm10IjowLCJ0eiI6MCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMzQuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMzQuMCIsInAiOiJMaW51eCJ9LCJhIjp7ImMxIjowLCJ3IjowLCJjdyI6MCwiYWUiOjAsInRzIjowfSwid2ciOnsiciI6Imxsdm1waXBlIiwiZSI6ZmFsc2V9LCJzIjp7InNyIjoiMTI4MHgxMDI0IiwiYXMiOiIxMjgweDEwMjQiLCJpdyI6IjEyODB4MTAyNCIsIm93IjoiMTI4MHgxMDI0In0sIm4iOnsiZSI6MX0sImgiOnsiaGMiOjQ4LCJrbCI6IjAifSwiZiI6MH0= HTTP/1.1
Host: leadgainz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://leadgainz.com/click?key=c9f781595408f20e09a7&pub_click_id=BpLSMREAAAGXWwQNbgAABo0AAAB3AAAAAAAAAABqAAAAFfs&pub_sub_id=119_ec317bf7-df15-4bea-af5d-2f5abfe116f8_6ad58e26
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
date: Tue, 10 Jun 2025 19:47:40 GMT
location: https://betspintrack.com/cc93944b6d47b852/
server: Caddy
set-cookie: uclick=keyOlFZfbN01guGnamCY5bVdgcq8V1Fttb/T4/EH/zCfN5ZSg60do6eygNUwVf4/Gj6A6W6/; Max-Age=31536000; SameSite=Lax
bcid=d148nn53c3kc73c65v8g; Max-Age=31536000; SameSite=Lax
x-request-id: 229f08e8-a91f-49a5-b035-ae767b58d169
content-length: 0
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (5)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers