Help
RSS
API
Feed
Maltego
Contact
Domain > gotitpromos.com
×
More information on this domain is in
AlienVault OTX
Is this malicious?
Yes
No
Files that talk to gotitpromos.com
MD5
A/V
4da0339ec3a15812a014c3a44b7cb838
[
Trojan.Script.Heuristic-js.iacgm
] [
SCRIPT.Virus
]
DNS Resolutions
Date
IP Address
2024-03-24
108.59.12.100
(
ClassC
)
2024-05-03
94.229.72.115
(
ClassC
)
2024-05-09
108.59.12.101
(
ClassC
)
2024-08-21
207.244.76.129
(
ClassC
)
2024-11-05
207.244.76.132
(
ClassC
)
Port 80
HTTP/1.1 200 OKaccept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobilecache-control: max-age0, private, must-revalidateconnection: closecontent-length: 476content-type: html>head>title>Loading.../title>/head>body>script typetext/javascript>window.location.replace(http://gotitpromos.com/?ch1&jseyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcxMTI4NzA5NSwiaWF0IjoxNzExMjc5ODk1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydXZxdnZzZmcxdWxrMWw2cjgwMDFoZWciLCJuYmYiOjE3MTEyNzk4OTUsInRzIjoxNzExMjc5ODk1NTgzMTA4fQ.b79d5gyrOc_9o_HUeaMyRGzgs6Wp5jLV3OnCeUe2PXA&sid12612694-e9d2-11ee-a2ac-218bfdab8410);/script>/body>/html>
Port 443
HTTP/1.1 200 OKaccept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobilecache-control: max-age0, private, must-revalidateconnection: closecontent-length: 477content-type: html>head>title>Loading.../title>/head>body>script typetext/javascript>window.location.replace(https://gotitpromos.com/?ch1&jseyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcxMTI4NzA5NSwiaWF0IjoxNzExMjc5ODk1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydXZxdnZ0NHNscjNiNWZmYjQwMGltc2EiLCJuYmYiOjE3MTEyNzk4OTUsInRzIjoxNzExMjc5ODk1OTQyMDU2fQ.PSI_Jio2iY-lb3IKwBV5z83CMo7sNhR2VYOYkPGFwhs&sid1297f40c-e9d2-11ee-ae0d-218b146b00bc);/script>/body>/html>
View on OTX
|
View on ThreatMiner
Please enable JavaScript to view the
comments powered by Disqus.
Data with thanks to
AlienVault OTX
,
VirusTotal
,
Malwr
and
others
. [
Sitemap
]