Report - czgovd.com/bot-captcha-2?h=waWQiOjExMzg3NTksInNpZCI6MTE3Nzc4MCwid2lkIjo0MDc1NTUsInNyYyI6Mn0=eyJ&si1=336315&clickid=AFNBvGO7IQUAdFgCAFVTFgASAAG3xGwA&a_tb=https://4jshfdjfsdf4.monster/b?token=56cd0d3d19ccdf64e68a5f8a5c02d7bb73592943&c=AFNBvGO7IQUAdFgCAFVTFgASAAG3xGwAintent://czgovd.com/bot-captcha-2?h=waWQiOjExMzg3NTksInNpZCI6MTE3Nzc4MCwid2lkIjo0MDc1NTUsInNyYyI6Mn0=eyJ&si1=336315&clickid=AFNBvGO7IQUAdFgCAFVTFgASAAG3xGwA&a_tb=https://4jshfdjfsdf4.monster/b?token=56cd0d3d19ccdf64e68a5f8a5c02d7bb73592943&c=AFNBvGO7IQUAdFgCAFVTFgASAAG3xGwA

Report Overview

Visitedpublic

2023-12-20 19:47:25

Tags

Submit Tags

URL

czgovd.com/bot-captcha-2?h=waWQiOjExMzg3NTksInNpZCI6MTE3Nzc4MCwid2lkIjo0MDc1NTUsInNyYyI6Mn0=eyJ&si1=336315&clickid=AFNBvGO7IQUAdFgCAFVTFgASAAG3xGwA&a_tb=https://4jshfdjfsdf4.monster/b?token=56cd0d3d19ccdf64e68a5f8a5c02d7bb73592943&c=AFNBvGO7IQUAdFgCAFVTFgASAAG3xGwAintent://czgovd.com/bot-captcha-2?h=waWQiOjExMzg3NTksInNpZCI6MTE3Nzc4MCwid2lkIjo0MDc1NTUsInNyYyI6Mn0=eyJ&si1=336315&clickid=AFNBvGO7IQUAdFgCAFVTFgASAAG3xGwA&a_tb=https://4jshfdjfsdf4.monster/b?token=56cd0d3d19ccdf64e68a5f8a5c02d7bb73592943&c=AFNBvGO7IQUAdFgCAFVTFgASAAG3xGwA

Finishing URL

www.google.com/url?q=https://www.business2community.com/no/gambling/casino-norge&;source=gmail&;ust=1703162811393000&;usg=AOvVaw1oeg8hNyuEeQqUFu7CQAUT

IP / ASN

31.220.27.98

#39572 DataWeb Global Group B.V.

Title

Viderekoblingsmerknad

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
mdakky.com	unknown	2023-10-12	2023-10-13 10:25:55	2023-12-19 19:52:12	1.1 kB	368 B	185.162.85.20
track.wbdpnz.com	unknown	2022-05-27	2022-06-01 12:56:18	2023-12-19 20:35:14	777 B	892 B	18.158.88.249
onekoh.com	unknown	2023-10-31	2019-08-29 22:56:59	2023-12-08 06:20:00	4.2 kB	48 kB	31.220.27.98
resionsfrester.com	unknown	2023-06-07	2023-06-08 10:22:33	2023-12-17 17:10:12	829 B	935 B	18.196.89.56
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-12-09 10:58:51	1.6 kB	4.0 kB	142.250.74.132
ecrwqu.com	577459	2021-11-09	2021-11-09 21:59:02	2023-12-20 08:17:36	1.0 kB	1.6 kB	185.162.85.20
click2up.com	unknown	2023-12-12	2015-02-09 15:39:44	2023-12-20 03:19:58	737 B	731 B	95.216.26.241
toopsoug.net	unknown	2023-10-21	2023-10-22 21:15:53	2023-11-24 15:14:59	2.0 kB	2.8 kB	139.45.197.243
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-12-19 18:21:57	535 B	678 B	139.45.195.8

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-20 19:46:04	medium	Client IP	Internal IP	ET INFO DNS Query for Suspicious .icu Domain
2023-12-20 19:46:06	low	Client IP	Internal IP	ETPRO INFO Referer Obfuscation/Hiding Service in DNS Lookup (href .li)
2023-12-20 19:46:06	low	Client IP	Internal IP	ETPRO INFO Referer Obfuscation/Hiding Service in DNS Lookup (href .li)
2023-12-20 19:46:06	low	Client IP	192.0.78.26	ETPRO INFO Referer Obfuscation/Hiding Service Domain (href .li in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-20	medium	onekoh.com	Sinkholed
2023-12-20	medium	onekoh.com	Sinkholed
2023-12-20	medium	onekoh.com	Sinkholed
2023-12-20	medium	onekoh.com	Sinkholed
2023-12-20	medium	onekoh.com	Sinkholed
2023-12-20	medium	onekoh.com	Sinkholed
2023-12-20	medium	onekoh.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (1)

HTTP Transactions (20)

	URL	IP	Response	Size