Report Overview

  1. Submitted URL

    crz.su/uShedOtJ

  2. IP

    35.187.173.18

    ASN

    #15169 GOOGLE

  3. Submitted

    2023-04-04 21:09:26

    Access

    public

  4. Website Title

  5. Final URL

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  2. urlquery

    0

  3. Network Intrusion Detection

    4

  4. Threat Detection Systems

    0

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
googleads.g.doubleclick.net422021-02-20T16:43:32Z2023-04-04T23:56:47Z
analytics.tiktok.com11822020-02-29T14:09:05Z2023-04-04T05:24:03Z
partner.googleadservices.com7982012-10-03T03:04:21Z2023-04-04T18:15:08Z
region1.google-analytics.comunknown2022-03-17T12:26:33Z2023-04-04T18:35:19Z
tpc.googlesyndication.com1262020-01-16T09:35:32Z2023-04-04T22:22:51Z
crezu.mxunknown2019-04-01T20:21:03Z2023-04-03T22:46:48Z
contile.services.mozilla.com11142021-05-27T20:32:35Z2023-04-04T18:13:50Z
pagead2.googlesyndication.com1012021-02-20T16:52:05Z2023-04-05T01:06:07Z
www.google-analytics.com402012-10-03T03:04:21Z2023-04-04T22:18:02Z
www.google.no256072016-04-05T21:50:59Z2023-04-04T19:45:57Z
www.facebook.com992012-05-21T02:23:41Z2021-02-04T00:31:35Z
www.googletagservices.com1692021-02-14T04:54:38Z2023-04-04T00:16:13Z
firefox.settings.services.mozilla.com8672020-06-04T22:08:41Z2023-04-04T18:13:55Z
sl.crezu.netunknown2019-07-15T10:15:19Z2023-04-03T19:20:21Z
sl.crezu.mxunknown2019-11-05T21:24:01Z2023-03-29T19:08:31Z
cdn.crezu.net7087652019-06-07T20:19:29Z2023-03-30T09:16:40Z
push.services.mozilla.com21402014-10-24T10:27:06Z2023-04-04T18:19:16Z
ocsp.sectigo.com4872019-11-29T12:50:24Z2023-04-04T23:41:09Z
track.crezu.netunknown2019-06-07T00:56:55Z2023-04-04T19:08:36Z
firefox-settings-attachments.cdn.mozilla.net115092019-11-30T10:32:57Z2023-04-04T19:33:14Z
content-signature-2.cdn.mozilla.net11522020-11-03T13:26:46Z2023-04-04T18:20:05Z
r3.o.lencr.org3442020-12-02T09:52:13Z2023-04-04T18:12:09Z
ocsp.digicert.com862012-05-21T09:02:23Z2023-04-04T23:17:38Z
shavar.services.mozilla.com36022015-09-28T08:30:01Z2023-04-04T18:24:34Z
img-getpocket.cdn.mozilla.net16312018-06-22T01:36:00Z2023-04-04T13:13:40Z
events.crezu.netunknown2022-08-30T18:56:21Z2023-03-30T09:16:41Z
fonts.googleapis.com88772013-06-10T22:14:26Z2023-04-04T22:35:31Z
detectportal.firefox.com16012018-08-30T11:52:03Z2023-04-04T18:13:50Z
getpocket.cdn.mozilla.net13692018-08-28T15:15:36Z2023-04-04T14:12:44Z
ocsp.pki.goog1752018-07-01T08:43:07Z2023-04-04T18:12:04Z
adservice.google.no969692018-06-20T01:38:38Z2023-04-04T18:12:13Z
adservice.google.com762021-02-20T17:10:48Z2023-04-05T01:20:43Z
stats.g.doubleclick.net962013-06-10T22:21:11Z2023-04-04T18:25:09Z
www.gstatic.comunknown2016-07-26T11:37:06Z2023-04-04T18:15:20Z
crz.suunknown2020-02-14T12:08:34Z2023-04-04T11:09:39Z
connect.facebook.net1392012-05-22T04:51:28Z2023-04-04T18:12:04Z
www.googletagmanager.com752013-05-22T04:07:37Z2023-04-04T18:25:09Z

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

SeveritySource IPDestination IPAlert
mediumClient IPInternal IP
ET DNS Query for .su TLD (Soviet Union) Often Malware Related
mediumClient IPInternal IP
ET DNS Query for .su TLD (Soviet Union) Often Malware Related
mediumClient IP 35.187.173.18
ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
mediumClient IPInternal IP
ET DNS Query for .su TLD (Soviet Union) Often Malware Related

Threat Detection Systems

OpenPhish

No alerts detected


PhishTank

No alerts detected


Fortinet's Web Filter

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


JavaScript (167)

HTTP Transactions (117)

URLIPResponseSize
detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK8 B
crz.su/uShedOtJ
35.187.173.18301 Moved Permanently194 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
34.120.5.221200 OK44 kB
r3.o.lencr.org/
23.36.76.226200 OK503 B
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK5.3 kB
r3.o.lencr.org/
23.36.76.226200 OK503 B
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK939 B
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK12 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
crz.su/uShedOtJ
35.187.173.18302 Found10 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
ocsp.digicert.com/
192.229.221.95200 OK471 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK329 B
sl.crezu.mx/crm?sub2=mx-sms-welcome-click-trigger-2&lead_id=3b8c75a3d4714df8b465abd7a55725aa&landing=offers
35.241.222.91302 Found10 B
push.services.mozilla.com/
34.117.65.55101 Switching Protocols0 B
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
35.83.144.93200 OK8 B
ocsp.sectigo.com/
172.64.155.188200 OK472 B
track.crezu.net/click?offer_id=216&sub1=3b8c75a3d4714df8b465abd7a55725aa&pid=2&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub6=833&sub4=0
34.90.46.36302 Found0 B
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221680641833309%22
35.241.9.150200 OK22 kB
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1680018554787&_since=%221643818378440%22
35.241.9.150200 OK10 kB
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain
34.160.144.191200 OK5.3 kB
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1680201445669&_since=%221666204638208%22
35.241.9.150200 OK49 kB
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK5.3 kB
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK939 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
ocsp.sectigo.com/
172.64.155.188200 OK471 B
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
34.111.73.144200 OK807 kB
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1680628217598&_since=%221666279968541%22
35.241.9.150200 OK66 kB
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1680566473665&_since=%221666483264567%22
35.241.9.150200 OK64 kB
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
35.241.9.150200 OK682 B
firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
35.241.9.150200 OK1.3 kB
detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK8 B
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
35.241.9.150200 OK1.7 kB
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
35.241.9.150200 OK2.4 kB
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1680364263540&_since=%221662044085942%22
35.241.9.150200 OK8.0 kB
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
35.241.9.150200 OK1.5 kB
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
35.241.9.150200 OK935 B
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1679600032742&_since=%221659924409785%22
35.241.9.150200 OK772 B
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22
35.241.9.150200 OK25 kB
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22
35.241.9.150200 OK1.6 kB
r3.o.lencr.org/
23.36.76.226200 OK503 B
crezu.mx/_nuxt/3ed99a8.modern.js
34.94.124.239200 OK2.5 kB
r3.o.lencr.org/
23.36.76.226200 OK503 B
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5a64c6f-4f76-4a92-92c4-1fa8cb48142e.jpeg
34.120.237.76200 OK6.8 kB
crezu.mx/_nuxt/51c9eb7.modern.js
34.94.124.239200 OK8.6 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeae50b2-4a88-4f71-ae4f-7fd74b695fe8.jpeg
34.120.237.76200 OK6.9 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09d7bfe8-bfa6-4d25-aa3f-159254f09bfa.jpeg
34.120.237.76200 OK8.7 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106409ef-b973-4018-aee9-294835a882a8.jpeg
34.120.237.76200 OK10 kB
crezu.mx/_nuxt/52b86be.modern.js
34.94.124.239200 OK8.6 kB
crezu.mx/fonts/SF_Pro_Display/SFProDisplay-Medium.woff2
34.94.124.239200 OK100 kB
crezu.mx/fonts/SF_Pro_Display/SFProDisplay-Bold.woff2
34.94.124.239200 OK99 kB
crezu.mx/fonts/SF_Pro_Display/SFProDisplay-Semibold.woff2
34.94.124.239200 OK100 kB
crezu.mx/_nuxt/c009a59.modern.js
34.94.124.239200 OK5.7 kB
ocsp.sectigo.com/
104.18.32.68200 OK472 B
cdn.crezu.net/common/dist/common.js
35.201.76.189200 OK56 kB
crezu.mx/svg/google-play-badge.svg
34.94.124.239200 OK3.6 kB
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
crezu.mx/_nuxt/a9a7a47.modern.js
34.94.124.239200 OK148 kB
www.googletagmanager.com/gtm.js?id=GTM-NPS92WP
142.250.74.40200 OK56 kB
r3.o.lencr.org/
23.36.76.226200 OK503 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
sl.crezu.net/sl-feed?lead_id=3b8c75a3d4714df8b465abd7a55725aa&page=landing-offers&direction=swap&experimental=broker
35.241.222.91200 OK40 B
crezu.mx/img/financial-services.webp
34.94.124.239200 OK259 kB
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.162200 OK48 kB
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
crezu.mx/_nuxt/9cf2175.modern.js
34.94.124.239200 OK54 kB
www.google-analytics.com/analytics.js
142.250.74.110200 OK20 kB
googleads.g.doubleclick.net/pagead/html/r20230330/r20190131/zrt_lookup.html
142.250.74.34200 OK4.5 kB
analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMA.js
95.101.10.128200 OK66 kB
ocsp.digicert.com/
192.229.221.95200 OK471 B
connect.facebook.net/en_US/fbevents.js
157.240.221.16200 OK28 kB
ocsp.digicert.com/
192.229.221.95200 OK471 B
analytics.tiktok.com/i18n/pixel/static/identify_08840.js
95.101.10.128200 OK31 kB
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
adservice.google.no/adsid/integrator.js?domain=crezu.mx
142.250.74.130200 OK100 B
adservice.google.com/adsid/integrator.js?domain=crezu.mx
216.58.207.226200 OK100 B
analytics.tiktok.com/api/v2/pixel
95.101.10.128200 OK0 B
analytics.tiktok.com/api/v2/pixel
95.101.10.128200 OK0 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
events.crezu.net/api/event
35.240.92.105204 No Content0 B
events.crezu.net/api/event
35.240.92.105201 Created0 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
partner.googleadservices.com/gampad/cookie.js?domain=crezu.mx&callback=_gfp_s_&client=ca-pub-7720460051430832
142.250.74.66200 OK247 B
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-127091598-1&cid=373496429.1680642554&jid=385620135&gjid=2099203995&_gid=1318239277.1680642554&_u=YADAAEAAAAAAACAAI~&z=2027041021
64.233.161.156200 OK4 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
region1.google-analytics.com/g/collect?v=2&tid=G-8PMFQDPCNZ&gtm=45je3430&_p=570131699&cid=373496429.1680642554&ul=en-us&sr=1280x1024&_s=1&sid=1680642553&sct=1&seg=0&dl=https%3A%2F%2Fcrezu.mx%2Flanding%2Foffers%2F%3Fsub1%3D3b8c75a3d4714df8b465abd7a55725aa%26sub2%3Dmx-sms-welcome-click-trigger-2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D833%26sub7%26sub8%26sub9&dt=Ofertas%20de%20pr%C3%A9stamos%20r%C3%A1pidos%20%7C%20Crezu&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content0 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-127091598-1&cid=373496429.1680642554&jid=385620135&_u=YADAAEAAAAAAACAAI~&z=817258920
142.250.74.163200 OK42 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
crezu.mx/img/financial-services-mobil.webp
34.94.124.239200 OK42 B
www.facebook.com/tr/?id=461067334443962&ev=PageView&dl=https%3A%2F%2Fcrezu.mx%2Flanding%2Foffers%2F%3Fsub1%3D3b8c75a3d4714df8b465abd7a55725aa%26sub2%3Dmx-sms-welcome-click-trigger-2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D833%26sub7%26sub8%26sub9&rl=&if=false&ts=1680642554574&sw=1280&sh=1024&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680642554573.810096398&it=1680642553905&coo=false&rqm=GET
157.240.221.35200 OK0 B
www.facebook.com/tr/?id=461067334443962&ev=feedSubmitted&dl=https%3A%2F%2Fcrezu.mx%2Flanding%2Foffers%2F%3Fsub1%3D3b8c75a3d4714df8b465abd7a55725aa%26sub2%3Dmx-sms-welcome-click-trigger-2%26sub3%3Dsl-crm%26sub4%3D0%26sub5%26sub6%3D833%26sub7%26sub8%26sub9&rl=&if=false&ts=1680642554576&cd[positions]=9&cd[source]=mx-sms-welcome-click-trigger-2&cd[wall]=new-landing-offers&cd[withBrokers]=false&sw=1280&sh=1024&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680642554573.810096398&it=1680642553905&coo=false&rqm=GET
157.240.221.35200 OK0 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
tpc.googlesyndication.com/sodar/sodar2.js
216.58.207.193200 OK6.4 kB
adservice.google.no/adsid/integrator.js?domain=crezu.mx
142.250.74.130200 OK100 B
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
216.58.207.193200 OK5.0 kB
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
crezu.mx/_nuxt/abf7e57.modern.js
34.94.124.239200 OK81 kB
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
www.gstatic.com/mysidia/391edcfc9250fc73687380a2b5a5bc72.js?tag=text/vanilla_highlight_ms
142.250.74.35200 OK4.4 kB
www.gstatic.com/mysidia/6ad0e37510f8e3483bebad31dbd0e18a.js?tag=client_fast_engine_2019
142.250.74.35200 OK4.0 kB
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.98200 OK50 kB
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
142.250.74.74200 OK1.3 kB
crezu.mx/_nuxt/static/1680030274/manifest.js
34.94.124.239200 OK0 B
crezu.mx/landing/offers/?sub1=3b8c75a3d4714df8b465abd7a55725aa&sub2=mx-sms-welcome-click-trigger-2&sub3=sl-crm&sub4=0&sub5=&sub6=833&sub7=&sub8=&sub9=
34.94.124.239200 OK0 B
crezu.mx/_nuxt/static/1680030274/landing/offers/payload.js
34.94.124.239200 OK0 B
crezu.mx/_nuxt/2f28288.modern.js
34.94.124.239200 OK0 B
crezu.mx/_nuxt/static/1680030274/landing/offers/state.js
34.94.124.239200 OK0 B