Report Overview

  1. Submitted URL

    c1.loversion.com/?step_id=1&installer_id=5448578408557732347&publisher_id=388&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=3787846745911650536&external_id=0&session_id=340408820645696851&hardware_id=14827623491290531192&installer_file_name=http:/s2.fisierulmeu.ro:81/dwn_links/baa05ffdc8c7a06bd9fc83437bc7409d/535c10d7/53/53BCV7RLCB8D/name/Metin2.ro%20FishBot%20v4%20Hack.exe&st=1&include_signature=0&uuid=*

  2. IP

    3.130.204.160

    ASN

    #16509 AMAZON-02

  3. Submitted

    2023-01-26 17:03:38

    Access

  4. Website Title

  5. Final URL

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  2. urlquery

    0

  3. Network Intrusion Detection

    1

  4. Threat Detection Systems

    0

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
firefox.settings.services.mozilla.com8670001-01-01T00:00:00Z0001-01-01T00:00:00Z
use.typekit.net4940001-01-01T00:00:00Z0001-01-01T00:00:00Z
p.typekit.net6200001-01-01T00:00:00Z0001-01-01T00:00:00Z
fonts.gstatic.comunknown0001-01-01T00:00:00Z0001-01-01T00:00:00Z
www.youtube.com900001-01-01T00:00:00Z0001-01-01T00:00:00Z
yt3.ggpht.com2030001-01-01T00:00:00Z0001-01-01T00:00:00Z
r3.o.lencr.org3440001-01-01T00:00:00Z0001-01-01T00:00:00Z
ocsp.digicert.com860001-01-01T00:00:00Z0001-01-01T00:00:00Z
contile.services.mozilla.com11140001-01-01T00:00:00Z0001-01-01T00:00:00Z
stats.g.doubleclick.net960001-01-01T00:00:00Z0001-01-01T00:00:00Z
fonts.googleapis.com88770001-01-01T00:00:00Z0001-01-01T00:00:00Z
content-signature-2.cdn.mozilla.net11520001-01-01T00:00:00Z0001-01-01T00:00:00Z
static.hugedomains.com866090001-01-01T00:00:00Z0001-01-01T00:00:00Z
cdn.jsdelivr.net4390001-01-01T00:00:00Z0001-01-01T00:00:00Z
googleads.g.doubleclick.net420001-01-01T00:00:00Z0001-01-01T00:00:00Z
www.google.com70001-01-01T00:00:00Z0001-01-01T00:00:00Z
jnn-pa.googleapis.com26400001-01-01T00:00:00Z0001-01-01T00:00:00Z
img-getpocket.cdn.mozilla.net16310001-01-01T00:00:00Z0001-01-01T00:00:00Z
c1.loversion.comunknown0001-01-01T00:00:00Z0001-01-01T00:00:00Z
ocsp.pki.goog1750001-01-01T00:00:00Z0001-01-01T00:00:00Z
www.googletagmanager.com750001-01-01T00:00:00Z0001-01-01T00:00:00Z
static.doubleclick.net3330001-01-01T00:00:00Z0001-01-01T00:00:00Z
www.hugedomains.com508570001-01-01T00:00:00Z0001-01-01T00:00:00Z
i.ytimg.com1090001-01-01T00:00:00Z0001-01-01T00:00:00Z
www.google.no256070001-01-01T00:00:00Z0001-01-01T00:00:00Z

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

SeveritySource IPDestination IPAlert
mediumClient IP 3.130.204.160
ET ADWARE_PUP W32/InstallRex.Adware Initial CnC Beacon

Threat Detection Systems

OpenPhish

No alerts detected


PhishTank

No alerts detected


Fortinet's Web Filter

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


JavaScript (243)

HTTP Transactions (100)

URLIPResponseSize
c1.loversion.com/?step_id=1&installer_id=5448578408557732347&publisher_id=388&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=3787846745911650536&external_id=0&session_id=340408820645696851&hardware_id=14827623491290531192&installer_file_name=http:/s2.fisierulmeu.ro:81/dwn_links/baa05ffdc8c7a06bd9fc83437bc7409d/535c10d7/53/53BCV7RLCB8D/name/Metin2.ro%20FishBot%20v4%20Hack.exe&st=1&include_signature=0&uuid=*
3.130.204.160302 Found0 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK939 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK5.3 kB
ocsp.digicert.com/
93.184.220.29200 OK278 B
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK12 B
static.hugedomains.com/images/hdv3-img/favorite-header.png
104.26.6.37200 OK874 B
static.hugedomains.com/images/hdv3-img/phone-icon.png
104.26.6.37200 OK743 B
static.hugedomains.com/images/hdv3-img/cart.png
104.26.6.37200 OK940 B
static.hugedomains.com/images/hdv3-img/30daysmallico.png
104.26.6.37200 OK1.8 kB
static.hugedomains.com/images/hdv3-img/roket-side-ico.png
104.26.6.37200 OK1.8 kB
static.hugedomains.com/images/hdv3-img/safesmallico.png
104.26.6.37200 OK1.2 kB
static.hugedomains.com/images/hdv3-img/zero-side-ico.png
104.26.6.37200 OK2.0 kB
static.hugedomains.com/images/hdv3-img/mail-icon.png
104.26.6.37200 OK817 B
static.hugedomains.com/images/hdv3-img/footer-logo-1.png
104.26.6.37200 OK738 B
static.hugedomains.com/images/hdv3-img/footer-logo-2.png
104.26.6.37200 OK1.7 kB
static.hugedomains.com/images/hdv3-img/footer-logo-3.png
104.26.6.37200 OK2.0 kB
static.hugedomains.com/images/hdv3-img/footer-logo-4.png
104.26.6.37200 OK1.2 kB
static.hugedomains.com/images/hdv3-img/footer-logo-5.png
104.26.6.37200 OK1.5 kB
cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css
151.101.129.229200 OK3.1 kB
ocsp.pki.goog/gts1c3
216.58.211.3200 OK472 B
ocsp.pki.goog/gts1c3
216.58.211.3200 OK471 B
use.typekit.net/zyw6mds.css
23.36.76.186200 OK588 B
www.googletagmanager.com/gtag/js?id=UA-7117339-4
142.250.74.72200 OK44 kB
static.hugedomains.com/js/hdv3-js/jquery.min.js
104.26.6.37200 OK33 kB
ocsp.pki.goog/gts1c3
216.58.211.3200 OK472 B
ocsp.pki.goog/gts1c3
216.58.211.3200 OK471 B
p.typekit.net/p.css?s=1&k=zyw6mds&ht=tk&f=40411&a=11744788&app=typekit&e=css
23.36.76.186200 OK5 B
static.hugedomains.com/css/hdv3-css/reboot.min.css
104.26.6.37200 OK1.8 kB
static.hugedomains.com/images/hdv3-img/search-icon.png
104.26.6.37200 OK700 B
static.hugedomains.com/css/hdv3-css/responsive.css?aa=2021-06-09a
104.26.6.37200 OK13 kB
static.hugedomains.com/images/hdv3-img/test-content-img-left.png
104.26.6.37200 OK322 B
ocsp.pki.goog/gts1c3
216.58.211.3200 OK471 B
static.hugedomains.com/images/hdv3-img/qs-item-bg.png
104.26.6.37200 OK198 B
use.typekit.net/af/a91117/00000000000000003b9b257c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
23.36.76.186200 OK20 kB
static.hugedomains.com/images/hdv3-img/test-content-img-right.png
104.26.6.37200 OK292 B
ocsp.pki.goog/gts1c3
216.58.211.3200 OK471 B
ocsp.pki.goog/gts1c3
216.58.211.3200 OK471 B
fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
142.250.74.35200 OK13 kB
ocsp.pki.goog/gts1c3
216.58.211.3200 OK471 B
fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
142.250.74.35200 OK13 kB
ocsp.pki.goog/gts1c3
216.58.211.3200 OK471 B
ocsp.pki.goog/gts1c3
216.58.211.3200 OK471 B
www.youtube.com/s/player/4248d311/www-player.css
142.250.74.142200 OK50 kB
www.youtube.com/embed/bqLUp7GuUTg?rel=0&autoplay=0&showinfo=0&controls=0
142.250.74.142200 OK43 kB
www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js
142.250.74.142200 OK109 kB
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK15 kB
www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.142200 OK2.8 kB
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
142.250.74.142200 OK611 kB
static.hugedomains.com/js/hdv3-js/intlTelInput.js
104.26.6.37200 OK13 kB
ocsp.pki.goog/gts1c3
216.58.211.3200 OK472 B
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-7117339-4&cid=1987687633.1654109076&jid=1600418615&gjid=1216666590&_gid=64451390.1674752608&_u=4CDAAUAKAAAAACAAI~&z=1011040394
173.194.73.154200 OK4 B
ocsp.pki.goog/gts1c3
216.58.211.3200 OK472 B
ocsp.pki.goog/gts1c3
216.58.211.3200 OK472 B
ocsp.pki.goog/gts1c3
216.58.211.3200 OK472 B
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK29 B
googleads.g.doubleclick.net/pagead/id
142.250.74.34302 Found0 B
ocsp.pki.goog/gts1c3
216.58.211.3200 OK472 B
ocsp.pki.goog/gts1c3
216.58.211.3200 OK472 B
www.hugedomains.com/rjs/hdv3-rjs/hurry-cart.cfm
104.26.6.37200 OK1 B
www.hugedomains.com/rjs/favorite-domain.cfm
104.26.6.37200 OK31 kB
ocsp.pki.goog/gts1c3
216.58.211.3200 OK471 B
www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js
142.250.74.164200 OK14 kB
ocsp.pki.goog/gts1c3
216.58.211.3200 OK472 B
i.ytimg.com/vi_webp/bqLUp7GuUTg/sddefault.webp
142.250.74.118200 OK9.1 kB
ocsp.pki.goog/gts1c3
216.58.211.3200 OK472 B
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-7117339-4&cid=1987687633.1654109076&jid=1600418615&_u=4CDAAUAKAAAAACAAI~&z=62913477
142.250.74.164200 OK42 B
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-7117339-4&cid=1987687633.1654109076&jid=1600418615&_u=4CDAAUAKAAAAACAAI~&z=62913477
142.250.74.131200 OK42 B
ocsp.pki.goog/gts1c3
216.58.211.3200 OK472 B
ocsp.pki.goog/gts1c3
216.58.211.3200 OK471 B
yt3.ggpht.com/ytc/AL5GRJUcY8PCL7CkKyWfUcR8kG5ZrREldVGkytok73zK=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK1.8 kB
ocsp.pki.goog/gts1c3
216.58.211.3200 OK472 B
ocsp.pki.goog/gts1c3
216.58.211.3200 OK471 B
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK0 B
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK110 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
34.120.237.76200 OK5.9 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg
34.120.237.76200 OK9.6 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg
34.120.237.76200 OK9.3 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg
34.120.237.76200 OK15 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76200 OK13 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71e9b44e-6d59-411b-90e8-54e0efae62a5.jpeg
34.120.237.76200 OK7.4 kB
www.hugedomains.com/rjs/favorite-domain.cfm
104.26.6.37200 OK0 B
www.hugedomains.com/favicon.ico
104.26.6.37200 OK0 B
static.hugedomains.com/js/hdv3-js/script.js
104.26.6.37200 OK0 B
static.hugedomains.com/css/hdv3-css/style.css?aa=2021-06-09a
104.26.6.37200 OK0 B
www.hugedomains.com/rjs/gen-hdc.cfm?e=1&s=https://www.hugedomains.com/domain_profile.cfm?d=loversion.com&r=
104.26.6.37200 OK0 B
static.hugedomains.com/images/hdv3-img/hugedomains_logo.svg
104.26.6.37200 OK0 B
static.hugedomains.com/js/hdv3-js/hd-js.js?a=20220124a
104.26.6.37200 OK0 B
static.hugedomains.com/css/hdv3-css/hd-style.css
104.26.6.37200 OK0 B
fonts.googleapis.com/css?family=Noto+Sans:400,700&display=swap
142.250.74.106200 OK0 B
www.hugedomains.com/domain_profile.cfm?d=loversion.com
104.26.6.37200 OK0 B
static.hugedomains.com/js/hdv3-js/common.js
104.26.6.37200 OK0 B
www.hugedomains.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674748800
104.26.6.37200 OK0 B