Report - leechpremium.link/download.php

Report Overview

URL

leechpremium.link/download.php
IP

192.99.15.221

ASN

#16276 OVH SAS
Submitted

2023-06-09T17:14:16Z

Access

public
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

15
Threat Detection Systems

0

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com (2)	235	2015-04-17 22:46:33	2023-06-09 05:09:42	1030	85028	104.17.24.14
t3.gstatic.com (28)	unknown	2013-05-06 22:15:36	2023-06-09 11:38:38	14458	35570	142.250.74.100
adsco.re (1)	8541	2017-04-03 05:11:30	2023-06-09 13:36:43	442	1871	162.252.214.5
wppeg9pjzf8e.l4.adsco.re (1)	unknown	No data	No data	454	462	185.200.118.90
vsb45.tawk.to (1)	115956	2020-04-05 01:04:47	2023-06-09 09:47:20	1075	417	172.67.38.66
va.tawk.to (5)	8297	2017-01-30 05:20:46	2023-06-09 08:03:10	2573	6366	172.67.38.66
ajax.googleapis.com (1)	12905	2013-08-16 11:51:31	2023-06-09 12:00:42	434	32005	142.250.74.138
www.google.com (51)	7	2015-05-10 13:11:19	2023-06-06 13:54:15	23280	41415	142.250.74.132
t1.gstatic.com (26)	unknown	2013-05-07 00:57:20	2023-06-09 11:38:38	13386	31008	142.250.74.68
wppeg9pjzf8e.n4.adsco.re (1)	unknown	No data	No data	454	462	38.132.109.186
cdn4ads.com (1)	46207	2020-04-19 22:21:04	2023-06-09 01:16:36	1140	1590	216.59.63.128
leechpremium.link (32)	unknown	2015-07-09 08:13:44	2023-05-31 02:30:13	15315	254665	192.99.15.221
6.adsco.re (2)	17812	2018-01-15 05:15:29	2023-06-09 13:36:46	831	862	104.17.166.186
c.adsco.re (3)	16577	2017-11-29 19:42:15	2023-06-09 13:36:46	1413	138798	104.17.166.186
wppeg9pjzf8e.s4.adsco.re (1)	unknown	No data	No data	454	462	185.200.116.90
www.cdn4ads.com (1)	105393	2020-04-19 22:21:04	2023-06-09 01:16:08	449	34032	185.76.9.18
ocsp.sectigo.com (2)	487	2019-11-29 12:50:24	2023-06-09 11:02:25	660	1737	104.18.14.101
ocsp.globalsign.com (1)	2075	2012-07-20 19:46:16	2023-06-09 05:11:22	358	1959	151.101.2.133
fonts.googleapis.com (1)	8877	2013-06-10 22:14:26	2023-06-09 10:32:46	447	1057	142.250.74.106
t0.gstatic.com (30)	unknown	2013-05-06 22:22:05	2023-06-09 11:38:38	15494	38970	142.250.74.132
cdn.jsdelivr.net (2)	439	2012-09-30 02:15:09	2023-06-09 05:52:49	868	606584	151.101.129.229
t2.gstatic.com (17)	unknown	2013-05-07 02:09:56	2023-06-09 11:38:38	8755	21218	142.250.74.100
ocsp.pki.goog (13)	175	2018-07-01 08:43:07	2023-06-09 05:09:21	4329	9087	142.250.74.131
www.googletagmanager.com (2)	75	2013-05-22 04:07:37	2023-06-09 11:31:11	885	141337	142.250.74.168
linkgen.vip (8)	unknown	2022-08-31 09:04:27	2023-06-08 01:07:27	3522	6010	192.99.15.221
ad.a-ads.com (1)	26970	2013-04-19 23:54:57	2023-06-09 12:00:11	524	168	213.239.209.209
4.adsco.re (1)	19179	2021-01-04 17:47:52	2023-06-09 13:36:46	397	426	162.252.214.5
fonts.gstatic.com (1)	unknown	2014-09-09 02:40:21	2023-06-09 10:09:08	531	11241	216.58.207.227
i.imgur.com (1)	5110	2012-05-21 10:09:36	2023-06-09 07:07:01	422	6828	151.101.244.193
embed.tawk.to (18)	8650	2014-03-19 22:03:49	2023-06-09 08:03:10	8036	833361	172.67.38.66
beauty-lands.com (1)	28140	2021-02-04 06:48:09	2023-06-09 07:47:35	392	624	172.67.179.141
maxcdn.bootstrapcdn.com (2)	724	2014-06-18 02:37:31	2023-06-09 07:56:26	894	221242	104.18.11.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-09T17:13:56Z	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-06-09T17:13:56Z	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-06-09T17:13:58Z	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-06-09T17:13:58Z	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-06-09T17:13:58Z	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-06-09T17:13:58Z	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-06-09T17:13:58Z	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-06-09T17:13:58Z	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-06-09T17:13:58Z	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-06-09T17:14:00Z	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-06-09T17:14:00Z	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-06-09T17:14:00Z	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-06-09T17:14:00Z	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-06-09T17:14:01Z	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-06-09T17:14:01Z	medium	Client IP	Internal IP	ET DNS Query for .to TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

HTTP Transactions (258)

	URL	IP	Response	Size
	leechpremium.link/download.php	192.99.15.221	200 OK	29267
Search urlquery URL leechpremium.link/download.php DOMAIN leechpremium.link FQDN leechpremium.link IP 192.99.15.221 Hash d8e2eb5037473ede53d0daa12e3cecd8 External sources Mnemonic PDNS FQDN leechpremium.link DOMAIN leechpremium.link IP 192.99.15.221 VirusTotal HASH fdc6a3e264bac2593e12287296e0b5823453bf49 FQDN leechpremium.link DOMAIN leechpremium.link IP 192.99.15.221 crt.sh FQDN leechpremium.link DOMAIN leechpremium.link Fingerprint AC:A2:10:E5:B2:33:29:A9:63:45:16:40:E6:79:EB:5A:47:BC:13:32 URL User Request GET HTTP/1.1 leechpremium.link/download.php IP 192.99.15.221:443 ASN #16276 OVH SAS Certificate IssuerLet's Encrypt Subjectleechpremium.link FingerprintAC:A2:10:E5:B2:33:29:A9:63:45:16:40:E6:79:EB:5A:47:BC:13:32 ValidityTue, 30 May 2023 23:29:46 GMT - Mon, 28 Aug 2023 23:29:45 GMT Magic HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3099), with CRLF line terminators Size 29267 Hash d8e2eb5037473ede53d0daa12e3cecd8 fdc6a3e264bac2593e12287296e0b5823453bf49 a04902deb8857e7dfec52546183db314ee13063805ea7641d792f02881dc4d39 HTTP Headers `GET /download.php HTTP/1.1 Host: leechpremium.link User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Fri, 09 Jun 2023 17:13:55 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 X-Powered-By: PHP/5.4.16 Set-Cookie: owner=14218374590000 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8`

	cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css	104.17.24.14	200 OK	5884
Search urlquery URL cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css DOMAIN cloudflare.com FQDN cdnjs.cloudflare.com IP 104.17.24.14 Hash c495654869785bc3df60216616814ad1 External sources Mnemonic PDNS FQDN cdnjs.cloudflare.com DOMAIN cloudflare.com IP 104.17.24.14 VirusTotal HASH 0140952c64e3f2b74ef64e050f2fe86eab6624c8 FQDN cdnjs.cloudflare.com DOMAIN cloudflare.com IP 104.17.24.14 crt.sh FQDN cdnjs.cloudflare.com DOMAIN cloudflare.com Fingerprint A9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css IP 104.17.24.14:443 ASN #13335 CLOUDFLARENET Requested by https://leechpremium.link/download.php Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT Magic troff or preprocessor input, ASCII text, with very long lines (372) Size 5884 Hash c495654869785bc3df60216616814ad1 0140952c64e3f2b74ef64e050f2fe86eab6624c8 36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c HTTP Headers `GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.css HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://leechpremium.link/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 09 Jun 2023 17:13:56 GMT content-type: text/css; charset=utf-8 content-length: 5884 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb03e5f-9226" last-modified: Mon, 04 May 2020 16:10:07 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 9753168 expires: Wed, 29 May 2024 17:13:56 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zmk5eSqbakS%2BpODPUqndtzTrJiXtKSy8k0UNp07EG9yw0zPUTb4szuDN0G24YCKFuvD0Jh%2Bu%2FG%2Ba6s0RciLD5vvH9I94gfLf%2Brgo%2BUIep0NYA7nassZNo4jEydey3mqGwBE0mjX2"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 7d4b020f0eb7b4f7-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	leechpremium.link/style.css	192.99.15.221	200 OK	3957
Search urlquery URL leechpremium.link/style.css DOMAIN leechpremium.link FQDN leechpremium.link IP 192.99.15.221 Hash d4a87bc846f966402bd1edab470ec464 External sources Mnemonic PDNS FQDN leechpremium.link DOMAIN leechpremium.link IP 192.99.15.221 VirusTotal HASH 4dddf3dcf530fc84dd4434c898e5b7a061f971de FQDN leechpremium.link DOMAIN leechpremium.link IP 192.99.15.221 crt.sh FQDN leechpremium.link DOMAIN leechpremium.link Fingerprint AC:A2:10:E5:B2:33:29:A9:63:45:16:40:E6:79:EB:5A:47:BC:13:32 URL GET HTTP/1.1 leechpremium.link/style.css IP 192.99.15.221:443 ASN #16276 OVH SAS Requested by https://leechpremium.link/download.php Certificate IssuerLet's Encrypt Subjectleechpremium.link FingerprintAC:A2:10:E5:B2:33:29:A9:63:45:16:40:E6:79:EB:5A:47:BC:13:32 ValidityTue, 30 May 2023 23:29:46 GMT - Mon, 28 Aug 2023 23:29:45 GMT Magic ASCII text, with CRLF line terminators Size 3957 Hash d4a87bc846f966402bd1edab470ec464 4dddf3dcf530fc84dd4434c898e5b7a061f971de 5319e844138d289fdc04966fc38aa94a057a82130bf2e363a6be7ed1d2719be1 HTTP Headers `GET /style.css HTTP/1.1 Host: leechpremium.link User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://leechpremium.link/download.php Cookie: owner=14218374590000 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Fri, 09 Jun 2023 17:13:56 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 Last-Modified: Tue, 29 Nov 2022 20:20:05 GMT ETag: "f75-5eea1b6a93be0" Accept-Ranges: bytes Content-Length: 3957 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/css`

	leechpremium.link/dl.js	192.99.15.221	200 OK	6862
Search urlquery URL leechpremium.link/dl.js DOMAIN leechpremium.link FQDN leechpremium.link IP 192.99.15.221 Hash c0ed0b0b746d38b2dc75bcd6df728aac External sources Mnemonic PDNS FQDN leechpremium.link DOMAIN leechpremium.link IP 192.99.15.221 VirusTotal HASH 084030f43f34a1043f4ee18cc3389ddd43f140d2 FQDN leechpremium.link DOMAIN leechpremium.link IP 192.99.15.221 crt.sh FQDN leechpremium.link DOMAIN leechpremium.link Fingerprint AC:A2:10:E5:B2:33:29:A9:63:45:16:40:E6:79:EB:5A:47:BC:13:32 URL GET HTTP/1.1 leechpremium.link/dl.js IP 192.99.15.221:443 ASN #16276 OVH SAS Requested by https://leechpremium.link/download.php Certificate IssuerLet's Encrypt Subjectleechpremium.link FingerprintAC:A2:10:E5:B2:33:29:A9:63:45:16:40:E6:79:EB:5A:47:BC:13:32 ValidityTue, 30 May 2023 23:29:46 GMT - Mon, 28 Aug 2023 23:29:45 GMT Magic HTML document, ASCII text, with very long lines (622), with CRLF line terminators Size 6862 Hash c0ed0b0b746d38b2dc75bcd6df728aac 084030f43f34a1043f4ee18cc3389ddd43f140d2 ee6fc6911023ff3e20678e3a9032bb9a54b9f74f81032c053dc685573a0f2416 HTTP Headers `GET /dl.js HTTP/1.1 Host: leechpremium.link User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://leechpremium.link/download.php Cookie: owner=14218374590000 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Fri, 09 Jun 2023 17:13:56 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 Last-Modified: Tue, 29 Nov 2022 20:20:05 GMT ETag: "1ace-5eea1b6a88061" Accept-Ranges: bytes Content-Length: 6862 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Content-Type: application/javascript`

	ocsp.pki.goog/gts1c3	142.250.74.131		471
Search urlquery URL ocsp.pki.goog/gts1c3 DOMAIN pki.goog FQDN ocsp.pki.goog IP 142.250.74.131 Hash df893f12f5cf31daedf4910ffcc872c8 External sources Mnemonic PDNS FQDN ocsp.pki.goog DOMAIN pki.goog IP 142.250.74.131 VirusTotal HASH bbd271b0e76cd11d6a00327914b74882c95655fb FQDN ocsp.pki.goog DOMAIN pki.goog IP 142.250.74.131 crt.sh FQDN ocsp.pki.goog DOMAIN pki.goog URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE Magic data Size 471 Hash df893f12f5cf31daedf4910ffcc872c8 bbd271b0e76cd11d6a00327914b74882c95655fb 134d16adfc51baecc40c9fba86cc6c2d37b489435c99878912d1948543a0337b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Jun 2023 17:13:56 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131		471
Search urlquery URL ocsp.pki.goog/gts1c3 DOMAIN pki.goog FQDN ocsp.pki.goog IP 142.250.74.131 Hash fc8e1ec54c50413f6e09e63a85414e7c External sources Mnemonic PDNS FQDN ocsp.pki.goog DOMAIN pki.goog IP 142.250.74.131 VirusTotal HASH 929ef6a2a5150200fe2bacfc03245b53be30e46f FQDN ocsp.pki.goog DOMAIN pki.goog IP 142.250.74.131 crt.sh FQDN ocsp.pki.goog DOMAIN pki.goog URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE Magic data Size 471 Hash fc8e1ec54c50413f6e09e63a85414e7c 929ef6a2a5150200fe2bacfc03245b53be30e46f 9441071bcc600b4efd8d0e6f03237f7cccb737b30125bd1095051a5acdf23ec6 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Jun 2023 17:13:56 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131		471
Search urlquery URL ocsp.pki.goog/gts1c3 DOMAIN pki.goog FQDN ocsp.pki.goog IP 142.250.74.131 Hash df893f12f5cf31daedf4910ffcc872c8 External sources Mnemonic PDNS FQDN ocsp.pki.goog DOMAIN pki.goog IP 142.250.74.131 VirusTotal HASH bbd271b0e76cd11d6a00327914b74882c95655fb FQDN ocsp.pki.goog DOMAIN pki.goog IP 142.250.74.131 crt.sh FQDN ocsp.pki.goog DOMAIN pki.goog URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE Magic data Size 471 Hash df893f12f5cf31daedf4910ffcc872c8 bbd271b0e76cd11d6a00327914b74882c95655fb 134d16adfc51baecc40c9fba86cc6c2d37b489435c99878912d1948543a0337b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Jun 2023 17:13:56 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	142.250.74.138	200 OK	31021
Search urlquery URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js DOMAIN ajax.googleapis.com FQDN ajax.googleapis.com IP 142.250.74.138 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a External sources Mnemonic PDNS FQDN ajax.googleapis.com DOMAIN ajax.googleapis.com IP 142.250.74.138 VirusTotal HASH c8e1c8b386dc5b7a9184c763c88d19a346eb3342 FQDN ajax.googleapis.com DOMAIN ajax.googleapis.com IP 142.250.74.138 crt.sh FQDN ajax.googleapis.com DOMAIN ajax.googleapis.com Fingerprint 3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0 URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.138:443 ASN #15169 GOOGLE Requested by https://leechpremium.link/download.php Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0 ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT Magic ASCII text, with very long lines (65451) Size 31021 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d HTTP Headers `GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://leechpremium.link/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 31021 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 08 Jun 2023 12:16:06 GMT expires: Fri, 07 Jun 2024 12:16:06 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 age: 104270 last-modified: Fri, 08 May 2020 07:05:03 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.googletagmanager.com/gtag/js?id=UA-127974349-1	142.250.74.168	200 OK	64666
Search urlquery URL www.googletagmanager.com/gtag/js?id=UA-127974349-1 DOMAIN googletagmanager.com FQDN www.googletagmanager.com IP 142.250.74.168 Hash 994bef07ca22dbd0915cfe9a76c01ee6 External sources Mnemonic PDNS FQDN www.googletagmanager.com DOMAIN googletagmanager.com IP 142.250.74.168 VirusTotal HASH 017a48838a0f7001350573eb2e3cc97de7e11c22 FQDN www.googletagmanager.com DOMAIN googletagmanager.com IP 142.250.74.168 crt.sh FQDN www.googletagmanager.com DOMAIN googletagmanager.com Fingerprint 73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-127974349-1 IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://leechpremium.link/download.php Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT Magic ASCII text, with very long lines (4372) Size 64666 Hash 994bef07ca22dbd0915cfe9a76c01ee6 017a48838a0f7001350573eb2e3cc97de7e11c22 e487da28aa8c6f832934d90c8aa72fd8569c1669355192263ec0a146d3fe42d8 HTTP Headers `GET /gtag/js?id=UA-127974349-1 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://leechpremium.link/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Fri, 09 Jun 2023 17:13:56 GMT expires: Fri, 09 Jun 2023 17:13:56 GMT cache-control: private, max-age=900 last-modified: Fri, 09 Jun 2023 15:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 64666 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	leechpremium.link/img/png/ubiqfile.png	192.99.15.221	200 OK	1150
Search urlquery URL leechpremium.link/img/png/ubiqfile.png DOMAIN leechpremium.link FQDN leechpremium.link IP 192.99.15.221 Hash 2287e6783f206afa2e6680c8af7393c1 External sources Mnemonic PDNS FQDN leechpremium.link DOMAIN leechpremium.link IP 192.99.15.221 VirusTotal HASH 94e2bc7360fd014ca06cd7f70a4a2f32ac44d0a2 FQDN leechpremium.link DOMAIN leechpremium.link IP 192.99.15.221 crt.sh FQDN leechpremium.link DOMAIN leechpremium.link Fingerprint AC:A2:10:E5:B2:33:29:A9:63:45:16:40:E6:79:EB:5A:47:BC:13:32 URL GET HTTP/1.1 leechpremium.link/img/png/ubiqfile.png IP 192.99.15.221:443 ASN #16276 OVH SAS Requested by https://leechpremium.link/download.php Certificate IssuerLet's Encrypt Subjectleechpremium.link FingerprintAC:A2:10:E5:B2:33:29:A9:63:45:16:40:E6:79:EB:5A:47:BC:13:32 ValidityTue, 30 May 2023 23:29:46 GMT - Mon, 28 Aug 2023 23:29:45 GMT Magic MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Size 1150 Hash 2287e6783f206afa2e6680c8af7393c1 94e2bc7360fd014ca06cd7f70a4a2f32ac44d0a2 a545d9729d39d0e86232d57312f07ba8e223d13b38842d7c2b471e7b39094bce HTTP Headers `GET /img/png/ubiqfile.png HTTP/1.1 Host: leechpremium.link User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://leechpremium.link/download.php Cookie: owner=14218374590000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Fri, 09 Jun 2023 17:13:56 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 Last-Modified: Tue, 29 Nov 2022 20:20:05 GMT ETag: "47e-5eea1b6a92c40" Accept-Ranges: bytes Content-Length: 1150 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: image/png`

	leechpremium.link/img/ico/xubster.png	192.99.15.221	200 OK	119
Search urlquery URL leechpremium.link/img/ico/xubster.png DOMAIN leechpremium.link FQDN leechpremium.link IP 192.99.15.221 Hash 3919493d4a34f51a29db32fead673171 External sources Mnemonic PDNS FQDN leechpremium.link DOMAIN leechpremium.link

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (179)

#1 JS:Script (size: 155)

#2 JS:Script (size: 3129)

#3 JS:Script (size: 93981)

#4 JS:Script (size: 79)

#5 JS:Script (size: 4691)

#6 JS:Script (size: 121)

#7 JS:Script (size: 37)

#8 JS:Script (size: 6862)

#9 JS:Script (size: 57)

#10 JS:Script (size: 25)

#11 JS:Script (size: 302554)

#12 JS:Script (size: 1291)

#13 JS:Script (size: 7271)

#14 JS:Script (size: 89476)

#15 JS:Script (size: 906)

#16 JS:Script (size: 33360)

#17 JS:Script (size: 2121)

#18 JS:Script (size: 60010)

#19 JS:Script (size: 210466)

#20 JS:Script (size: 2306)

#21 JS:Script (size: 25)

#22 JS:Script (size: 16877)

#23 JS:Script (size: 147)

#24 JS:Script (size: 25)

#25 JS:Script (size: 689)

#26 JS:Script (size: 25)

#27 JS:Script (size: 82665)

#28 JS:Script (size: 79595)

#29 JS:Script (size: 535)

#30 JS:Script (size: 177541)

#31 JS:Script (size: 151)

#32 JS:Script (size: 210377)

#33 JS:Script (size: 214782)

#34 JS:Script (size: 25)

#35 JS:Script (size: 332)

#36 JS:Script (size: 19655)

#37 JS:Script (size: 5)

#38 JS:Script (size: 17930)

#1 JS:Eval (size: 11)

#2 JS:Eval (size: 12)

#3 JS:Eval (size: 19)

#4 JS:Eval (size: 19)

#5 JS:Eval (size: 27)

#6 JS:Eval (size: 15)

#7 JS:Eval (size: 26)

#8 JS:Eval (size: 37)

#9 JS:Eval (size: 34)

#10 JS:Eval (size: 37)

#11 JS:Eval (size: 17)

#12 JS:Eval (size: 30)

#13 JS:Eval (size: 36)

#14 JS:Eval (size: 19)

#15 JS:Eval (size: 51)

#16 JS:Eval (size: 19)

#17 JS:Eval (size: 10)

#18 JS:Eval (size: 25)