Report Overview

  1. Submitted URL

    sh.st/st/67bc8ab5ab558c89e176234140e8de87/drop.hitmoe.com/goto/mexa.sh/Eh8gsV3pkEzQ.zip

  2. IP

    104.26.7.218

    ASN

    #13335 CLOUDFLARENET

  3. Submitted

    2023-06-07 06:01:14

    Access

    public

  4. Website Title

  5. Final URL

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  1. urlquery

    0

  2. Network Intrusion Detection

    0

  3. Threat Detection Systems

    6

Domain Summary

Domain / FQDN                  Rank     Registered   First Seen   Last Seen
accounts.google.com            81       1997-09-15   2016-03-20   2023-06-07
my.rtmark.net                  9054     2014-10-29   2015-02-04   2023-06-07
xdiwbc.com                     unknown  2023-02-07   2023-02-07   2023-06-07
ubbfpm.com                     unknown  2022-05-31   2022-05-31   2023-06-07
destyy.com                     195997   2017-05-05   2017-05-09   2023-06-06
fonts.gstatic.com              unknown  2008-02-11   2014-09-09   2023-06-07
ptauxofi.net                   35628    2021-03-31   2021-03-31   2023-06-06
kultingecauyuksehinkitw.info   unknown  2023-04-03   2023-04-27   2023-06-07
amunfezanttor.com              unknown  2023-03-31   2023-03-31   2023-06-07
i.wmgtr.com                    13696    2020-09-11   2020-09-11   2023-06-06
pogothere.xyz                  unknown  2022-08-22   2022-09-04   2023-06-07
static.sh.st                   276104   2013-07-01   2016-10-20   2023-06-06
d3t3z4teexdk2r.cloudfront.net  unknown  2008-04-25   2022-07-16   2023-06-06
ja.rewashwudu.com              unknown  2022-10-04   2022-10-04   2023-06-06
thycantyoubelike.com           unknown  2023-05-30   2023-06-01   2023-06-07
xngqoc.com                     unknown  2023-03-03   2023-03-03   2023-06-07
prhzxq.com                     unknown  2022-06-29   2022-06-29   2023-06-06
sh.st                          118569   2013-07-01   2014-06-27   2023-06-07
ocsp.pki.goog                  175      2016-06-13   2018-07-01   2023-06-07
www.google.com                 7        1997-09-15   2015-05-10   2023-06-06
www.googletagmanager.com       75       2011-11-11   2013-05-22   2023-06-07
www.gstatic.com                unknown  2008-02-11   2016-07-26   2023-06-07
fonts.googleapis.com           8877     2005-01-25   2013-06-10   2023-06-07

Related reports

Network Intrusion Detection Systems

Suricata w/ Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Severity  Indicator   Alert
medium    xngqoc.com
medium    xngqoc.com
medium    xngqoc.com

ThreatFox

No alerts detected


JavaScript (31)

HTTP Transactions (96)
