Report Overview
Visitedpublic
2026-01-02 06:00:27
Tags
Submit Tags
URL
area.wthelpdesk.com/TQjxyk/B/s/D.htm
Finishing URL
area.wthelpdesk.com/TQjxyk/B/s/D.htm
IP / ASN
185.53.178.99
Title
wthelpdesk.com
Detections
urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
5
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
obseu.youstarsbuilding.com | 1721811 | 2022-08-01 | 2023-11-07 | 2025-12-26 | 10 kB | 5.5 kB |  34.251.101.162 | |
d38psrni17bvxu.cloudfront.net | unknown | 2008-04-25 | 2022-09-22 | 2025-12-31 | 413 B | 12 kB |  54.192.209.190 |    |
afs.googleusercontent.com | 65181 | 2008-11-17 | 2013-05-06 | 2025-12-28 | 1.0 kB | 2.2 kB | 142.250.74.33 | |
ep1.adtrafficquality.google | 3093 | 2023-11-17 | 2024-07-24 | 2025-12-28 | 537 B | 11 kB | 142.250.74.34 | |
ep2.adtrafficquality.google | 3229 | 2023-11-17 | 2024-08-13 | 2025-12-29 | 994 B | 34 kB | 142.251.142.225 | |
euob.youstarsbuilding.com 1 alert(s) on this Host | 2095641 | 2022-08-01 | 2023-10-25 | 2025-12-26 | 458 B | 120 kB | 65.9.46.101 |  |
www.google.com | 22 | 1997-09-15 | 2015-05-10 | 2025-12-28 | 366 B | 135 kB | 216.58.207.196 | |
syndicatedsearch.goog 1 alert(s) on this Host | 5365 | 2023-04-14 | 2023-09-25 | 2025-12-28 | 3.9 kB | 153 kB | 142.250.178.78 |  |
area.wthelpdesk.com 13 alert(s) on this Host | unknown | 2019-12-03 | 2016-11-14 | 2025-07-30 | 2.9 kB | 20 kB | 185.53.178.99 | |
Amazon CloudFront (CDN)
Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.Amazon Web Services (PaaS)
Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.Nginx (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.Caddy (Web servers)
Google Web Server (Web servers)
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| low | 34.251.101.162 |  172.18.0.13 | ET INFO Observed ZeroSSL SSL/TLS Certificate |
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| Nextron YARA rules | area.wthelpdesk.com/TQjxyk/B/s/D.htm | malware | APT 10 / Cloud Hopper malware campaign |
| Nextron YARA rules | syndicatedsearch.goog/afs/ads?sjk=opl%2BBa4iQLyNscfLPLQn3Q%3D%3D&adtest=off&psid=5837883959&pcsa=false&channel=000001%2Cbucket011&client=dp-teaminternet09_3ph&r=m&hl=no&ivt=0&rpbu=http%3A%2F%2Farea.wthelpdesk.com%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.PNam2PxQcl2KYZ2-HZxr0ApmDNA6FAb24yNp0WwVyY8ZWfueoZ-KlQ.QGm_C96Z4J8-cK1JvoRQAw.lHjzJj3701N1jO11eYbks5wfdApwstuc6Petr9MfXq2Ib7Y6W9wXC9ST6uHYr2SQbggyeOXRCy4-k7dVnXI5IM6hR-D7-_rOx45dSb20QMicQWFrOrjAXQCgYXSg_6jtQUEBf93pd-Y3OoyhNlcU3ZUXv8iEpl_g05H3i4MbyAJrlkQIZMexSZpRyR1EfUVFOlK4J-WM7libwBguxZ6lwlzSjSJqi0G6kpeIqkWEiWq0dugXQCKF7nX-dZrL4l0ptTM0ji55IW1uB3whwsLvebS0if-yoMU4TZyO4VRqlkdQjXeKKgayPv76kcNXjyFCZF5xjyZi_XIbuUnUIcJGBsoC3fZ1Ol-JPSseU58uEEfEAmnllp626IZoY5VEhKx40Ft_r95wsgnK_ip_5FUkPC4NnZGU0QHdpDFrxTu4fQTQa--VSNxFQxVOsABa3OBlw-Dc63f51AYte3Rs1SmrTgGL9qE7LjGJv2MGIZyBNeAAd8dW7aqC0Yg21R_CPNVJ2PFpu52JjHOisiqSkxMcUeaS_KOxl6-3UwJfrTmAs7hzq89ZfQk7-aqM3A7uzLUsrUs3G4NXhwky7VZiGqGDq5wuPWp2pPbgZqn3hSNzoI0.M9x4knRm17ttSwulcsjZPQ&type=3&swp=as-drid-2551495523503148&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3%7Cs&nocache=8131767333608712&num=0&output=afd_ads&domain_name=area.wthelpdesk.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1767333608713&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=796&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=842209568&rurl=http%3A%2F%2Farea.wthelpdesk.com%2FTQjxyk%2FB%2Fs%2FD.htm | malware | APT 10 / Cloud Hopper malware campaign |
| DNS0 Zero | area.wthelpdesk.com | malicious | Sinkholed |
| DNS4EU | area.wthelpdesk.com | malicious | Sinkholed |
| DNS4EU | euob.youstarsbuilding.com | malicious | Sinkholed |
JavaScript (17)
No JavaScripts
HTTP Transactions (25)
| URL | IP | Response | Size |
|---|