Report Overview

  1. Submitted URL

    www.uplevelreward.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&RBC=1&reward=victoriassecret1000&o=213460&affsecid=4397070343&subaff1=16259&subaff2=201927&subaff3=200916&subaff4=Victorias-Secret-1000&DVID=

  2. IP

    172.67.161.106

    ASN

    #13335 CLOUDFLARENET

  3. Submitted

    2023-01-28 07:11:52

    Access

  4. Website Title

  5. Final URL

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  2. urlquery

    0

  3. Network Intrusion Detection

    13

  4. Threat Detection Systems

    0

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
fonts.gstatic.comunknown2014-09-09T02:40:21Z2023-03-13T08:44:36Z
www.clicken.us539392017-01-29T21:04:35Z2023-03-10T14:59:43Z
pixel.quantserve.com4172012-05-21T21:45:06Z2023-03-13T05:28:27Z
aux.fqtag.com193712019-08-05T20:31:42Z2023-03-10T14:59:44Z
secure.quantserve.com9732012-05-22T22:26:25Z2023-03-13T05:20:58Z
push.services.mozilla.com21402014-10-24T10:27:06Z2023-03-13T05:09:14Z
ocsp.digicert.com862012-05-21T09:02:23Z2023-03-13T06:00:13Z
www.cdn925.com855232014-10-07T17:05:21Z2023-03-10T14:59:43Z
fqtag.com132522014-10-18T05:56:37Z2023-03-10T16:21:27Z
rules.quantcount.com8772018-06-15T17:43:28Z2023-03-13T05:20:58Z
img-getpocket.cdn.mozilla.net16312018-06-22T01:36:00Z2023-03-13T05:09:16Z
content-signature-2.cdn.mozilla.net11522020-11-03T13:26:46Z2023-03-13T05:09:35Z
contile.services.mozilla.com11142021-05-27T20:32:35Z2023-03-13T05:09:13Z
ocsp.pki.goog1752018-07-01T08:43:07Z2023-03-13T05:09:47Z
fonts.googleapis.com88772013-06-10T22:14:26Z2023-03-13T08:14:31Z
www.google.com72015-05-10T13:11:19Z2023-03-13T06:40:43Z
www.gstatic.comunknown2016-07-26T11:37:06Z2023-03-13T07:57:11Z
r3.o.lencr.org3442020-12-02T09:52:13Z2023-03-13T05:09:07Z
firefox.settings.services.mozilla.com8672020-06-04T22:08:41Z2023-03-13T05:09:10Z
cdn.fqtag.com187752018-05-30T16:51:44Z2023-03-10T11:52:09Z
www.uplevelreward.comunknown2022-06-02T10:57:03Z2023-03-09T17:36:16Z

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

SeveritySource IPDestination IPAlert
highClient IP 216.93.246.18
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
highClient IP 216.93.246.18
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
highClient IP 27.111.12.93
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
highClient IP 70.85.220.74
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
highClient IP 27.111.12.93
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
highClient IP 216.93.246.18
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
highClient IP 216.145.109.98
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
highClient IP 70.85.220.74
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
highClient IP 216.145.109.98
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
highClient IP 27.111.12.93
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
highClient IP 70.85.220.74
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
highClient IP 216.145.109.98
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
highClient IP 216.93.246.18
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)

Threat Detection Systems

OpenPhish

No alerts detected


PhishTank

No alerts detected


Fortinet's Web Filter

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


JavaScript (133)

HTTP Transactions (61)

URLIPResponseSize
www.uplevelreward.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&RBC=1&reward=victoriassecret1000&o=213460&affsecid=4397070343&subaff1=16259&subaff2=201927&subaff3=200916&subaff4=Victorias-Secret-1000&DVID=
172.67.161.106301 Moved Permanently0 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK939 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK5.3 kB
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK12 B
ocsp.pki.goog/s/gts1p5/mKU_mrgfTpE
142.250.74.131200 OK472 B
www.uplevelreward.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7907ea5a2b0d1c0a
104.21.90.212200 OK42 B
ocsp.pki.goog/s/gts1p5/mKU_mrgfTpE
142.250.74.131200 OK472 B
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK66 kB
r3.o.lencr.org/
23.36.76.226200 OK503 B
push.services.mozilla.com/
52.40.48.115101 Switching Protocols0 B
www.uplevelreward.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7907ea5a2b0d1c0a
104.21.90.212200 OK22 kB
r3.o.lencr.org/
23.36.76.226200 OK503 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg
34.120.237.76200 OK7.0 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg
34.120.237.76200 OK13 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76200 OK7.5 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
34.120.237.76200 OK7.6 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b7aa725-5968-4227-af9b-77dd57d6a123.jpeg
34.120.237.76200 OK6.7 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7df68b7-44d9-4227-aedc-8e03fd23edd9.jpeg
34.120.237.76200 OK4.6 kB
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,800,900&display=swap
142.250.74.106200 OK1.0 kB
ocsp.digicert.com/
93.184.220.29200 OK278 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
www.cdn925.com/CampImg/13069/uplevels/uplevelslogo.svg
104.18.90.64503 Service Unavailable18 kB
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
216.58.207.227200 OK11 kB
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
216.58.207.227200 OK9.3 kB
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK18 kB
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227200 OK16 kB
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2
216.58.207.227200 OK8.7 kB
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
216.58.207.227200 OK17 kB
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.227200 OK7.7 kB
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK16 kB
ocsp.digicert.com/
93.184.220.29200 OK278 B
www.clicken.us/tag/LocalStorageSetNew.html?1=1&vid=a7b2wD8tik%7CCQrteEyPJoQ2
104.18.130.12503 Service Temporarily Unavailable8.5 kB
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
www.google.com/recaptcha/api.js?onload=onloadCallback&render=6LcJK64UAAAAAKwjDYyWpakQ_5aFAb34tK-EkiDA
142.250.74.164200 OK609 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
216.58.207.227200 OK164 kB
r3.o.lencr.org/
23.36.76.226200 OK503 B
ocsp.digicert.com/
93.184.220.29200 OK1.1 kB
fqtag.com/implement.js?org=fCq1gZqyFqUkeesfgeVC&rt=click&s=a7b2wD8tik%7CCQrteEyPJoQ2&p=201927&a=16259&cmp=200916&c1=Victorias-Secret-1000&c2=16259_201927_200916_Victorias-Secret-1000
35.190.72.161200 OK2.8 kB
r3.o.lencr.org/
23.36.76.226200 OK503 B
cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
35.190.36.172200 OK108 kB
rules.quantcount.com/rules-p-GYKC8ztuNQmWF.js
54.230.111.47200 OK160 B
pixel.quantserve.com/pixel;r=624789816;rf=0;a=p-GYKC8ztuNQmWF;url=https%3A%2F%2Fwww.uplevelreward.com%2FPixelEventLogIframe.aspx%3FFlowID%3D22101%26VID%3Da7b2wD8tik%257CCQrteEyPJoQ2%26PixelEvtID%3D16041%26fbclid%3D%26gclid%3D%26ckmc%3D%26ckmscn%3D%26ckmsc%3D;ref=https%3A%2F%2Fwww.uplevelreward.com%2F%3FFlow%3D6b51d955-0748-462e-9eb5-0ccdd7eceb37%26isPrePop%3Dtrue%26RBC%3D1%26reward%3Dvictoriassecret1000%26o%3D213460%26affsecid%3D4397070343%26subaff1%3D16259%26subaff2%3D201927%26subaff3%3D200916%26subaff4%3DVictorias-Secret-1000%26DVID%3D;uht=2;fpan=1;fpa=P0-752682566-1674889910169;pbc=;ns=1;ce=1;qjs=1;qv=8508733c-20230116145555;cm=;gdpr=0;d=uplevelreward.com;dst=0;et=1674889910239;tzo=0;ogl=;ses=ee850c3d-b59b-4350-aa18-3cd163ff8517
91.228.74.251200 OK134 B
fqtag.com/pixel
35.190.72.161204 No Content0 B
aux.fqtag.com/aux/d
35.190.13.203204 No Content0 B
aux.fqtag.com/aux/p
35.190.13.203204 No Content227 B
www.uplevelreward.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&RBC=1&reward=victoriassecret1000&o=213460&affsecid=4397070343&subaff1=16259&subaff2=201927&subaff3=200916&subaff4=Victorias-Secret-1000&DVID=
104.21.90.212503 Service Unavailable0 B
www.uplevelreward.com/favicon.ico
104.21.90.212503 Service Unavailable0 B
secure.quantserve.com/quant.js
91.228.74.251200 OK0 B
www.cdn925.com/CampImg/13069/uplevels/uplevelslogo.svg
104.18.90.64503 Service Unavailable0 B
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227200 OK0 B
www.cdn925.com/PathImg/common/rewards_favi.ico
104.18.90.64503 Service Unavailable0 B