| securesentry.click/ct2nl8k.php?ad_type=inpage(deprecated)&auction_id=16739359602689629820&click_id=36Hng8_20eUfY_FsVd4lJyv50_zAd6JVWbplC&cost=0.013711501792538789&creative_id=89889&skin_id=10&source_id=48315145&spot_id=&key=z75jl3uadd4hfyu1isze | 109.206.176.79 | 302 Found | 0 B |
URL User Request GET HTTP/1.1securesentry.click/ct2nl8k.php?ad_type=inpage(deprecated)&auction_id=16739359602689629820&click_id=36Hng8_20eUfY_FsVd4lJyv50_zAd6JVWbplC&cost=0.013711501792538789&creative_id=89889&skin_id=10&source_id=48315145&spot_id=&key=z75jl3uadd4hfyu1isze IP109.206.176.79:443
CertificateIssuerLet's Encrypt Subjectsecuresentry.click FingerprintA9:C2:B2:E0:04:C5:81:4E:FC:1A:CF:8E:87:F8:A3:E7:65:2C:FD:5C ValidityMon, 25 Mar 2024 09:22:07 GMT - Sun, 23 Jun 2024 09:22:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ct2nl8k.php?ad_type=inpage(deprecated)&auction_id=16739359602689629820&click_id=36Hng8_20eUfY_FsVd4lJyv50_zAd6JVWbplC&cost=0.013711501792538789&creative_id=89889&skin_id=10&source_id=48315145&spot_id=&key=z75jl3uadd4hfyu1isze HTTP/1.1
Host: securesentry.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.24.0
Date: Fri, 26 Apr 2024 17:57:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Set-Cookie: uclick=usmyydm7wj; expires=Sat, 27-Apr-2024 17:57:23 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=usmyydm7wj-usmyydm7wj-g5tl-0-us520-c815fe-zwu33y-301d64; expires=Sat, 27-Apr-2024 17:57:23 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://utilt-glo.streamdigitalworks.com/t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=8f211usmyydm7wj878
Strict-Transport-Security: max-age=31536000
|
| utilt-glo.streamdigitalworks.com/t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=8f211usmyydm7wj878 | 3.121.82.120 | 404 Not Found | 0 B |
URL User Request GET HTTP/1.1utilt-glo.streamdigitalworks.com/t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=8f211usmyydm7wj878 IP3.121.82.120:80
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=8f211usmyydm7wj878 HTTP/1.1
Host: utilt-glo.streamdigitalworks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 26 Apr 2024 17:57:25 GMT
content-type: text/html; charset=utf-8
content-length: 0
server: nginx/1.14.2
cache-control: no-transform
x-frame-options: SAMEORIGIN
vary: Accept-Language, Cookie, Origin
content-language: en
set-cookie: ydt_89d1392973ad4570a8eb9e51cbfc5910="[]:1s0Pp7:WBqcPc1PoLfbz0YAcMmqFR-APjA"; expires=Sun, 26 May 2024 19:57:25 GMT; Max-Age=2599200; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
|
| utilt-glo.streamdigitalworks.com/t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=8f211usmyydm7wj878 | 3.121.82.120 | 404 Not Found | 0 B |
URL User Request GET HTTP/1.1utilt-glo.streamdigitalworks.com/t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=8f211usmyydm7wj878 IP3.121.82.120:80
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=8f211usmyydm7wj878 HTTP/1.1
Host: utilt-glo.streamdigitalworks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 17:57:26 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Server: nginx/1.14.2
Cache-Control: no-transform
X-Frame-Options: SAMEORIGIN
Vary: Accept-Language, Cookie, Origin
Content-Language: en
Set-Cookie: ydt_89d1392973ad4570a8eb9e51cbfc5910="[]:1s0Pp8:M9vtydhSVO6S2wfJMogVIxiMbc4"; expires=Sun, 26 May 2024 19:57:26 GMT; Max-Age=2599200; Path=/; SameSite=None; Secure
|
| utilt-glo.streamdigitalworks.com/favicon.ico | 3.121.82.120 | 204 No Content | 0 B |
URL GET HTTP/1.1utilt-glo.streamdigitalworks.com/favicon.ico IP3.121.82.120:80
Requested byhttp://utilt-glo.streamdigitalworks.com/t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=8f211usmyydm7wj878
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: utilt-glo.streamdigitalworks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://utilt-glo.streamdigitalworks.com/t/clk?id=GYxn9Sqm7MHJPXNIkOZJ6I8&s1=8f211usmyydm7wj878
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Fri, 26 Apr 2024 17:57:26 GMT
Connection: keep-alive
Server: nginx/1.14.2
|