Report Overview

  1. Submitted URL

    hexupload.net/3r0zad266lmh/Bayonetta_2_(NSP)(Base_Game).part1.rar

  2. IP

    188.114.97.1

    ASN

    #13335 CLOUDFLARENET

  3. Submitted

    2023-01-28 20:34:44

    Access

  4. Website Title

  5. Final URL

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  2. urlquery

    0

  3. Network Intrusion Detection

    12

  4. Threat Detection Systems

    28

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
cdnjs.cloudflare.com2352015-04-17T22:46:33Z2023-03-13T05:09:21Z
4.adsco.re191792021-01-04T17:47:52Z2023-03-13T05:15:45Z
s10.histats.com152112012-05-21T19:14:14Z2023-03-13T05:19:20Z
s4.histats.com127822012-05-21T19:14:14Z2023-03-13T05:19:20Z
cdn.jsdelivr.net4392012-09-30T02:15:09Z2023-03-13T06:17:54Z
r3.o.lencr.org3442020-12-02T09:52:13Z2023-03-13T05:09:07Z
notifpush.com586962019-04-07T17:40:01Z2023-03-10T18:30:36Z
www.google-analytics.com402012-10-03T03:04:21Z2023-03-13T07:36:03Z
firefox.settings.services.mozilla.com8672020-06-04T22:08:41Z2023-03-13T05:09:10Z
simplewebanalysis.comunknown2022-02-25T05:06:25Z2023-03-13T08:33:39Z
banquetunarmedgrater.comunknown2022-08-04T17:12:50Z2023-03-13T05:26:56Z
ocsp.globalsign.com20752012-07-20T19:46:16Z2023-03-13T05:09:19Z
vsb32.tawk.to1127152020-04-04T11:43:59Z2023-03-09T12:47:58Z
embed.tawk.to86502014-03-19T22:03:49Z2023-03-13T08:30:57Z
friendshipmale.comunknown2022-10-21T14:15:25Z2023-03-13T08:33:43Z
hexupload.net3168642018-06-30T03:03:57Z2023-03-10T11:27:23Z
www.googletagmanager.com752013-05-22T04:07:37Z2023-03-13T08:28:24Z
gjigle.com2012642018-11-29T18:33:02Z2023-03-09T17:29:17Z
442ykqmrvwlw.l4.adsco.reunknown
contile.services.mozilla.com11142021-05-27T20:32:35Z2023-03-13T05:09:13Z
waisheph.com749942020-12-10T01:25:39Z2023-03-13T03:33:00Z
region1.google-analytics.comunknown2022-03-17T12:26:33Z2023-03-13T05:09:18Z
img-getpocket.cdn.mozilla.net16312018-06-22T01:36:00Z2023-03-13T05:09:16Z
c.adsco.re165772017-11-29T19:42:15Z2023-03-13T05:15:45Z
cdn.adapex.io228442017-11-15T02:18:11Z2023-03-10T14:38:08Z
ocsp.pki.goog1752018-07-01T08:43:07Z2023-03-13T05:09:47Z
henoticpipi.comunknown2022-08-16T13:00:44Z2023-03-13T05:27:07Z
brunchcreatesenses.comunknown2022-09-19T04:22:13Z2023-03-06T03:36:18Z
content-signature-2.cdn.mozilla.net11522020-11-03T13:26:46Z2023-03-13T05:09:35Z
ocsp.sca1b.amazontrust.com10152017-03-03T16:20:51Z2019-03-27T05:05:54Z
6.adsco.re178122018-01-15T05:15:29Z2023-03-13T05:15:45Z
442ykqmrvwlw.n4.adsco.reunknown
adsco.re85412017-04-03T05:11:30Z2023-03-13T05:15:45Z
unseenreport.comunknown2022-03-30T16:33:17Z2023-03-13T05:15:47Z
ocsp.digicert.com862012-05-21T09:02:23Z2023-03-13T06:00:13Z
fonts.gstatic.comunknown2014-09-09T02:40:21Z2023-03-13T08:44:36Z
push.services.mozilla.com21402014-10-24T10:27:06Z2023-03-13T05:09:14Z
my.rtmark.net90542015-02-04T10:54:57Z2023-03-13T05:11:40Z
nanouwho.comunknown2022-07-09T22:30:29Z2023-03-13T05:15:46Z
sweepfrequencydissolved.comunknown2023-01-22T02:45:20Z2023-02-28T17:55:25Z
e1.o.lencr.org61592021-08-20T09:36:30Z2023-03-13T05:21:46Z
442ykqmrvwlw.s4.adsco.reunknown
code.jquery.com6342012-05-21T19:28:02Z2023-03-13T05:09:57Z

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

SeveritySource IPDestination IPAlert
mediumClient IPInternal IP
ET DNS Query for .to TLD
mediumClient IPInternal IP
ET DNS Query for .to TLD
highClient IP 185.200.118.90
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
highClient IP 38.132.109.186
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
highClient IP 185.200.116.90
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
highClient IP 185.200.118.90
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
highClient IP 38.132.109.186
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
highClient IP 185.200.116.90
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
mediumClient IPInternal IP
ET DNS Query for .to TLD
mediumClient IPInternal IP
ET DNS Query for .to TLD
mediumClient IPInternal IP
ET DNS Query for .to TLD
mediumClient IPInternal IP
ET DNS Query for .to TLD

Threat Detection Systems

OpenPhish

No alerts detected


PhishTank

No alerts detected


Fortinet's Web Filter
SeverityIndicatorAlert
mediumhenoticpipi.com/gS6Tzmf1JeKCRad/54684Malware
mediumbrunchcreatesenses.com/a8/9e/e8/a89ee8499c5793406d08e633580e2da5.jsMalware
mediumfriendshipmale.com/sfp.jsMalware

mnemonic secure dns

No alerts detected


Quad9 DNS
SeverityIndicatorAlert
mediumwaisheph.comSinkholed
mediumbrunchcreatesenses.comSinkholed
mediumwaisheph.comSinkholed
mediumnanouwho.comSinkholed
mediumnanouwho.comSinkholed
mediumnanouwho.comSinkholed
mediumsweepfrequencydissolved.comSinkholed
mediumbanquetunarmedgrater.comSinkholed
mediumunseenreport.comSinkholed
mediumunseenreport.comSinkholed
mediumwaisheph.comSinkholed

ThreatFox

No alerts detected


JavaScript (198)

HTTP Transactions (98)

URLIPResponseSize
hexupload.net/3r0zad266lmh/Bayonetta_2_(NSP)(Base_Game).part1.rar
188.114.97.1301 Moved Permanently0 B
r3.o.lencr.org/
23.36.77.32200 OK503 B
r3.o.lencr.org/
23.36.77.32200 OK503 B
r3.o.lencr.org/
23.36.77.32200 OK503 B
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK939 B
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK5.3 kB
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK12 B
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
104.17.24.14200 OK6.6 kB
code.jquery.com/jquery-3.6.0.min.js
69.16.175.42200 OK31 kB
ocsp.digicert.com/
93.184.220.29200 OK279 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
cdn.adapex.io/hb/aaw.hpd.js
188.114.96.1200 OK23 B
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK329 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
www.googletagmanager.com/gtag/js?id=G-94BPVYM7D3
172.217.21.168200 OK80 kB
ocsp.digicert.com/
93.184.220.29200 OK279 B
www.googletagmanager.com/gtag/js?id=UA-120931509-1
172.217.21.168200 OK44 kB
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK23 kB
r3.o.lencr.org/
23.36.77.32200 OK503 B
fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jO.ttf
142.250.74.35200 OK27 kB
r3.o.lencr.org/
23.36.77.32200 OK503 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
henoticpipi.com/gS6Tzmf1JeKCRad/54684
23.109.87.174200 OK26 B
r3.o.lencr.org/
23.36.77.32200 OK503 B
r3.o.lencr.org/
23.36.77.32200 OK503 B
waisheph.com/tag.min.js
139.45.197.245200 OK24 kB
push.services.mozilla.com/
35.155.48.47101 Switching Protocols0 B
r3.o.lencr.org/
23.36.77.32200 OK503 B
r3.o.lencr.org/
23.36.77.32200 OK503 B
r3.o.lencr.org/
23.36.77.32200 OK503 B
my.rtmark.net/gid.js?userId=a25f14cd5e9f47a9a35f26ef3f526ed4
139.45.195.8200 OK65 B
brunchcreatesenses.com/a8/9e/e8/a89ee8499c5793406d08e633580e2da5.js
192.243.61.227200 OK21 kB
waisheph.com/5/4785761/?oo=1&aab=1
139.45.197.245200 OK1.6 kB
ocsp.digicert.com/
93.184.220.29200 OK280 B
ocsp.digicert.com/
93.184.220.29200 OK279 B
r3.o.lencr.org/
23.36.77.32200 OK503 B
nanouwho.com/9?z=4796097&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fhexupload.net%2F3r0zad266lmh%2FBayonetta_2_(NSP)(Base_Game).part1.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=a25f14cd5e9f47a9a35f26ef3f526ed4
139.45.197.242204 No Content0 B
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK471 B
simplewebanalysis.com/stats
3.120.47.42200 OK40 B
nanouwho.com/9?z=4796097&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fhexupload.net%2F3r0zad266lmh%2FBayonetta_2_(NSP)(Base_Game).part1.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=a25f14cd5e9f47a9a35f26ef3f526ed4
139.45.197.242200 OK7 B
ocsp.digicert.com/
93.184.220.29200 OK280 B
nanouwho.com/1?z=4796097
139.45.197.242200 OK137 kB
r3.o.lencr.org/
23.36.77.32200 OK503 B
sweepfrequencydissolved.com/17/e2/77/17e2773ee1dd5eb310c541adcc402c4c.js
192.243.59.13200 OK13 kB
r3.o.lencr.org/
23.36.77.32200 OK503 B
r3.o.lencr.org/
23.36.77.32200 OK503 B
6.adsco.re/
104.17.166.186200 OK0 B
gjigle.com/visits-optins
15.188.162.86200 OK2 B
r3.o.lencr.org/
23.36.77.32200 OK503 B
gjigle.com/visits-optins
15.188.162.86204 No Content0 B
4.adsco.re/
162.252.214.5200 OK62 B
442ykqmrvwlw.l4.adsco.re/
185.200.118.90200 OK0 B
banquetunarmedgrater.com/advertisers.js
192.243.59.13200 OK0 B
e1.o.lencr.org/
23.36.77.32200 OK346 B
r3.o.lencr.org/
23.36.77.32200 OK503 B
region1.google-analytics.com/g/collect?v=2&tid=G-94BPVYM7D3&gtm=2oe1p0&_p=1836278778&cid=93279871.1674938079&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674938078&sct=1&seg=0&dl=https%3A%2F%2Fhexupload.net%2F3r0zad266lmh%2FBayonetta_2_(NSP)(Base_Game).part1.rar&dt=Download%20(NSP)(Base%20Game)%20part1%20rar&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content0 B
www.google-analytics.com/analytics.js
142.250.74.46200 OK20 kB
r3.o.lencr.org/
23.36.77.32200 OK503 B
e1.o.lencr.org/
23.36.77.32200 OK346 B
www.google-analytics.com/j/collect?v=1&_v=j99&a=1836278778&t=pageview&_s=1&dl=https%3A%2F%2Fhexupload.net%2F3r0zad266lmh%2FBayonetta_2_(NSP)(Base_Game).part1.rar&ul=en-us&de=UTF-8&dt=Download%20(NSP)(Base%20Game)%20part1%20rar&sd=24-bit&sr=1280x1024&vp=1280x898&je=0&_u=YADAAUABAAAAACAAI~&jid=1339516444&gjid=1093593738&cid=93279871.1674938079&tid=UA-120931509-1&_gid=1333482097.1674938079&_r=1&_slc=1&gtm=2ou1p0&z=1560666639
142.250.74.46200 OK2 B
r3.o.lencr.org/
23.36.77.32200 OK503 B
r3.o.lencr.org/
23.36.77.32200 OK503 B
r3.o.lencr.org/
23.36.77.32200 OK503 B
s10.histats.com/js15_as.js
46.105.201.240200 OK4.4 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK4.5 kB
r3.o.lencr.org/
23.36.77.32200 OK503 B
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeb12df7-074b-4044-bdbe-0e07bccbc8e9.jpeg
34.120.237.76200 OK12 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76200 OK12 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
34.120.237.76200 OK7.6 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg
34.120.237.76200 OK13 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg
34.120.237.76200 OK8.7 kB
442ykqmrvwlw.n4.adsco.re/
38.132.109.186200 OK0 B
adsco.re/p
162.252.214.5200 OK132 B
r3.o.lencr.org/
23.36.77.32200 OK503 B
s4.histats.com/stats/0.php?4167218&@f16&@g1&@h1&@i1&@j1674938079289&@k0&@l1&@mDownload%20(NSP)(Base%20Game)%20part1%20rar&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:55402026&@b3:1674938079&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fhexupload.net%2F3r0zad266lmh%2FBayonetta_2_(NSP)(Base_Game).part1.rar&@w
54.39.156.32200 OK49 B
442ykqmrvwlw.s4.adsco.re/
185.200.116.90200 OK0 B
r3.o.lencr.org/
23.36.77.32200 OK503 B
r3.o.lencr.org/
23.36.77.32200 OK503 B
unseenreport.com/pxf.gif?uuid=c23c188b-a560-4185-9b04-b5671ab6d552&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=a89ee8499c5793406d08e633580e2da5&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
192.243.59.12200 OK4.0 kB
unseenreport.com/pxf.gif?uuid=c23c188b-a560-4185-9b04-b5671ab6d552&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=17e2773ee1dd5eb310c541adcc402c4c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
192.243.59.12200 OK1 B
cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
151.101.1.229200 OK78 kB
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK1.5 kB
vsb32.tawk.to/s/?k=63d586dc5625d7d34e05fb5e&cver=0&pop=false&asver=5520&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1ZTdhNDYwZTY5ZTkzMjBjYWFiYzhhYzIiLCJ2aWQiOiI1ZTdhNDYwZTY5ZTkzMjBjYWFiYzhhYzItQ25fZjVRODYwNzdPMDQxbHU4bVp6Iiwic2lkIjoiNjNkNTg2ZGM1NjI1ZDdkMzRlMDVmYjVlIiwiaWF0IjoxNjc0OTM4MDc2LCJleHAiOjE2NzQ5Mzk4NzYsImp0aSI6Im1McG8tcnk0dGJZWTAwcjhpcUw3dSJ9.IIhpZFROHL9VCimJDcQ-JilYNS5ToOwQaToyl_rSMeHyszSJvBPZg7VHS_VG0W_HogdLIhiQ_jZodXLkoUDzkQ&EIO=3&transport=websocket&__t=ONw5jvN
104.22.25.131101 Switching Protocols0 B
notifpush.com/serviceworker.js
104.26.12.128304 Not Modified0 B
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js
172.67.38.66200 OK0 B
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js
172.67.38.66200 OK0 B
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js
172.67.38.66200 OK0 B
notifpush.com/scripts/nadz-sdk.js
172.67.69.2200 OK0 B
notifpush.com/scripts/adsblocker.js
172.67.69.2200 OK0 B
notifpush.com/serviceworker.js
172.67.69.2200 OK0 B
hexupload.net/3r0zad266lmh/Bayonetta_2_(NSP)(Base_Game).part1.rar
188.114.97.1200 OK0 B
embed.tawk.to/5e7a460e69e9320caabc8ac2/default
172.67.38.66200 OK0 B
notifpush.com/script_parameters/p_9821b7c2e007d136.json
172.67.69.2200 OK0 B
c.adsco.re/
104.17.166.186200 OK0 B
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js
172.67.38.66200 OK0 B
waisheph.com/?rb=na2HGTxznN9ypU83Smr0QytvImiCnTe2qGNwz-UDwBD1BQMod8IeLtRuTHf9py5GduobW7GGYw90ms4Zw8ehIUFIYt82pHiQieJreb5BVqOmp2Bghz5reiVCVmqnozyYN5YufOlPK7oenOjD2_3gXw0fjHfxa1jMipSLHfsmZhRmSZxI7egvxxymO4C5kTZQ2Qw96geh9sy9o5dshVP9SWMzpChU8xharXTWmuR4Vlk%3D&request_ab2=0&zoneid=4785761&js_build=iclick-v1.474.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Fhexupload.net%2F3r0zad266lmh%2FBayonetta_2_(NSP)(Base_Game).part1.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.474.0&bs=37cd3086-736a-48f5-917c-5a543c5ab19f&userId=a25f14cd5e9f47a9a35f26ef3f526ed4&m=link
139.45.197.245200 OK0 B
friendshipmale.com/sfp.js
172.64.140.24200 OK0 B