| securesentry.click/ct2nl8k.php?ad_type=inpage(deprecated)&auction_id=17353071232310518318&click_id=36HvSV_kv1uS_hlt9pAx3HRl_11BwXdnWq2Ty&cost=0.00047179646428707566&creative_id=75808&key=ca5hms7j4ursa2wn90ch&skin_id=10&source_id=4831518960&spot_id= | 109.206.176.79 | 302 Found | 0 B |
URL User Request GET HTTP/1.1securesentry.click/ct2nl8k.php?ad_type=inpage(deprecated)&auction_id=17353071232310518318&click_id=36HvSV_kv1uS_hlt9pAx3HRl_11BwXdnWq2Ty&cost=0.00047179646428707566&creative_id=75808&key=ca5hms7j4ursa2wn90ch&skin_id=10&source_id=4831518960&spot_id= IP109.206.176.79:443
CertificateIssuerLet's Encrypt Subjectsecuresentry.click FingerprintA9:C2:B2:E0:04:C5:81:4E:FC:1A:CF:8E:87:F8:A3:E7:65:2C:FD:5C ValidityMon, 25 Mar 2024 09:22:07 GMT - Sun, 23 Jun 2024 09:22:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ct2nl8k.php?ad_type=inpage(deprecated)&auction_id=17353071232310518318&click_id=36HvSV_kv1uS_hlt9pAx3HRl_11BwXdnWq2Ty&cost=0.00047179646428707566&creative_id=75808&key=ca5hms7j4ursa2wn90ch&skin_id=10&source_id=4831518960&spot_id= HTTP/1.1
Host: securesentry.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.24.0
Date: Fri, 26 Apr 2024 23:18:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Location: https://securesentry.click/ct2nl8k.php?ad_type=inpage(deprecated)&auction_id=17353071232310518318&click_id=36HvSV_kv1uS_hlt9pAx3HRl_11BwXdnWq2Ty&cost=0.00047179646428707566&creative_id=75808&skin_id=10&source_id=4831518960&spot_id=&key=z75jl3uadd4hfyu1isze
Strict-Transport-Security: max-age=31536000
|
|
| securesentry.click/ct2nl8k.php?ad_type=inpage(deprecated)&auction_id=17353071232310518318&click_id=36HvSV_kv1uS_hlt9pAx3HRl_11BwXdnWq2Ty&cost=0.00047179646428707566&creative_id=75808&skin_id=10&source_id=4831518960&spot_id=&key=z75jl3uadd4hfyu1isze | 109.206.176.79 | 302 Found | 0 B |
URL User Request GET HTTP/1.1securesentry.click/ct2nl8k.php?ad_type=inpage(deprecated)&auction_id=17353071232310518318&click_id=36HvSV_kv1uS_hlt9pAx3HRl_11BwXdnWq2Ty&cost=0.00047179646428707566&creative_id=75808&skin_id=10&source_id=4831518960&spot_id=&key=z75jl3uadd4hfyu1isze IP109.206.176.79:443
CertificateIssuerLet's Encrypt Subjectsecuresentry.click FingerprintA9:C2:B2:E0:04:C5:81:4E:FC:1A:CF:8E:87:F8:A3:E7:65:2C:FD:5C ValidityMon, 25 Mar 2024 09:22:07 GMT - Sun, 23 Jun 2024 09:22:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ct2nl8k.php?ad_type=inpage(deprecated)&auction_id=17353071232310518318&click_id=36HvSV_kv1uS_hlt9pAx3HRl_11BwXdnWq2Ty&cost=0.00047179646428707566&creative_id=75808&skin_id=10&source_id=4831518960&spot_id=&key=z75jl3uadd4hfyu1isze HTTP/1.1
Host: securesentry.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.24.0
Date: Fri, 26 Apr 2024 23:18:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Set-Cookie: uclick=us1ma4qq8n; expires=Sat, 27-Apr-2024 23:18:08 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=us1ma4qq8n-us1ma4qq8n-g5tl-0-us520-c815fe-zwu33y-8d2636; expires=Sat, 27-Apr-2024 23:18:08 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://utilt-glo.streamdigitalworks.com/t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=a088aus1ma4qq8n37d
Strict-Transport-Security: max-age=31536000
|
|
| utilt-glo.streamdigitalworks.com/t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=a088aus1ma4qq8n37d | 18.159.220.225 | 404 Not Found | 0 B |
URL User Request GET HTTP/2utilt-glo.streamdigitalworks.com/t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=a088aus1ma4qq8n37d IP18.159.220.225:443
CertificateIssuerAmazon Subject*.clickerbuild.com Fingerprint3F:94:8E:F7:2C:AB:ED:2E:7E:B3:11:38:BA:E0:AD:3B:FB:88:2E:A3 ValiditySun, 04 Jun 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=a088aus1ma4qq8n37d HTTP/1.1
Host: utilt-glo.streamdigitalworks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 26 Apr 2024 23:18:11 GMT
content-type: text/html; charset=utf-8
content-length: 0
server: nginx/1.14.2
cache-control: no-transform
x-frame-options: SAMEORIGIN
vary: Accept-Language, Cookie, Origin
content-language: en
set-cookie: ydt_89d1392973ad4570a8eb9e51cbfc5910="[]:1s0UpX:XWbLD3C-FGp_76ji3sWKVDmsAIc"; expires=Mon, 27 May 2024 01:18:11 GMT; Max-Age=2599200; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
|
|
| utilt-glo.streamdigitalworks.com/t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=a088aus1ma4qq8n37d | 18.159.220.225 | 404 Not Found | 0 B |
URL User Request GET HTTP/2utilt-glo.streamdigitalworks.com/t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=a088aus1ma4qq8n37d IP18.159.220.225:443
CertificateIssuerAmazon Subject*.clickerbuild.com Fingerprint3F:94:8E:F7:2C:AB:ED:2E:7E:B3:11:38:BA:E0:AD:3B:FB:88:2E:A3 ValiditySun, 04 Jun 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=a088aus1ma4qq8n37d HTTP/1.1
Host: utilt-glo.streamdigitalworks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 23:18:11 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Server: nginx/1.14.2
Cache-Control: no-transform
X-Frame-Options: SAMEORIGIN
Vary: Accept-Language, Cookie, Origin
Content-Language: en
Set-Cookie: ydt_89d1392973ad4570a8eb9e51cbfc5910="[]:1s0UpX:XWbLD3C-FGp_76ji3sWKVDmsAIc"; expires=Mon, 27 May 2024 01:18:11 GMT; Max-Age=2599200; Path=/; SameSite=None; Secure
|
|
| utilt-glo.streamdigitalworks.com/favicon.ico | 18.159.220.225 | 204 No Content | 0 B |
URL GET HTTP/1.1utilt-glo.streamdigitalworks.com/favicon.ico IP18.159.220.225:80
Requested byhttp://utilt-glo.streamdigitalworks.com/t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=a088aus1ma4qq8n37d
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: utilt-glo.streamdigitalworks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://utilt-glo.streamdigitalworks.com/t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=a088aus1ma4qq8n37d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Fri, 26 Apr 2024 23:18:11 GMT
Connection: keep-alive
Server: nginx/1.14.2
|
|