Overview

URL: https://tinyurl.com/y8lsdxja
IP: 104.20.219.42
ASN: AS13335 CloudFlare, Inc.
Location: United States
Report completed: 2018-05-16 23:43:06 CEST
urlQuery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified | Severity | Host | Comment
2018-05-16 | 2 | www.autobit.co.uk/myfax.htm | Phishing
2018-05-16 | 2 | condogastown.ca/arc/one/ | Phishing
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected




JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (10)


Request Response
                                        
POST / HTTP/1.1
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
91.135.34.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Last-Modified: Mon, 14 May 2018 08:34:56 GMT
Etag: 18C2FAE57E3319C2DDFB49596FEE2427E3ED32F7
X-OCSP-Responder-ID: rmdccaocsp33
Content-Length: 472
Cache-Control: public, no-transform, must-revalidate, max-age=1795
Expires: Wed, 16 May 2018 22:12:30 GMT
Date: Wed, 16 May 2018 21:42:35 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   472
Md5:    9f9f80a6adc632fd247fecee50128aff
Sha1:   18c2fae57e3319c2ddfb49596fee2427e3ed32f7
Sha256: 8afa6fe718c3e6cedd31259673a49b7e2227a06d5e05a0a6a42c47dd4882753b
                                        
POST / HTTP/1.1
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
91.135.34.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Last-Modified: Tue, 15 May 2018 09:10:02 GMT
Etag: 2AC0DBB5B1BBBA89FEBF8F23B5F190C5B5337656
X-OCSP-Responder-ID: rmdccaocsp19
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=373
Expires: Wed, 16 May 2018 21:48:48 GMT
Date: Wed, 16 May 2018 21:42:35 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    26e365e280dc5a457b42e2ea8eef0780
Sha1:   2ac0dbb5b1bbba89febf8f23b5f190c5b5337656
Sha256: d5c0fe255287ad7924b5542633331f631c68db3b3069ca83f88e89016a9044ef
                                        
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 May 2018 21:42:35 GMT
Server: Apache
Last-Modified: Tue, 15 May 2018 09:10:02 GMT
Expires: Tue, 22 May 2018 09:10:02 GMT
Etag: 2DF03B86AAEA9CF48FA64F0AD042A264F5C8861D
Cache-Control: max-age=472646,public,no-transform,must-revalidate
X-OCSP-Responder-ID: rmdccaocsp19
Content-Length: 471
Connection: close


--- Additional Info ---
Magic:  data
Size:   471
Md5:    afe1703fb88ddf3ee1a1b4fcd33debe9
Sha1:   2df03b86aaea9cf48fa64f0ad042a264f5c8861d
Sha256: 1eaa98aabb5239638551559b0aa424c687cf27a9af754873da6eb8b28693d16c
                                        
GET /y8lsdxja HTTP/1.1
Host: tinyurl.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
104.20.219.42
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Date: Wed, 16 May 2018 21:42:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d5e5c034c5ef291b0c5ea45237cb8fdd31526506955; expires=Thu, 16-May-19 21:42:35 GMT; path=/; domain=.tinyurl.com; HttpOnly tinyUUID=afca5d0a0af24d28817b0000; expires=Thu, 16-May-2019 21:42:35 GMT; Max-Age=31536000; path=/; domain=.tinyurl.com
Location: https://www.autobit.co.uk/myfax.htm
X-tiny: cache 0.0093381404876709
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 41c103d73f9e428b-OSL


--- Additional Info ---
                                        
POST / HTTP/1.1
Host: ocsp.int-x3.letsencrypt.org
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
91.135.34.107
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 527
Etag: "0F47D47F3AECFBC9649A8628DAC3254CF82D65ED2074E2A45E90959FD50BAAC9"
Last-Modified: Tue, 15 May 2018 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=43200
Expires: Thu, 17 May 2018 09:42:36 GMT
Date: Wed, 16 May 2018 21:42:36 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    9ab6a60d866c649989904a1e7ffe5510
Sha1:   847e130520133161671c78e038807192c20cfc1c
Sha256: 0f47d47f3aecfbc9649a8628dac3254cf82d65ed2074e2a45e90959fd50baac9
                                        
POST / HTTP/1.1
Host: isrg.trustid.ocsp.identrust.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
91.135.34.122
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Transfer-Encoding: Binary
Last-Modified: Mon, 14 May 2018 07:34:30 GMT
Etag: "ec2dc9e64a0ca44cfe170b9d179fcf9c1c616508"
Content-Length: 1398
Cache-Control: public, no-transform, must-revalidate, max-age=11282
Expires: Thu, 17 May 2018 00:50:38 GMT
Date: Wed, 16 May 2018 21:42:36 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1398
Md5:    244d5fc3cae3623fa2aae32e8feb2d37
Sha1:   ec2dc9e64a0ca44cfe170b9d179fcf9c1c616508
Sha256: d1eff4eababbe69edc87cab0208559c00ea0be5f49b8459c955ea7963bed4b78
                                        
GET /myfax.htm HTTP/1.1
Host: www.autobit.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
151.80.174.52
HTTP/1.1 200 OK
Content-Type: text/html
Date: Wed, 16 May 2018 21:42:35 GMT
Server: Apache
Last-Modified: Wed, 16 May 2018 16:38:11 GMT
Accept-Ranges: bytes
Content-Length: 77
Keep-Alive: timeout=5, max=120
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   77
Md5:    e2e4dd5f7a3633adb94a801c430f0ad4
Sha1:   9ce93aad58e0ff45b6950c4b4af4702b8384ccf7
Sha256: 48476e3c3417a1ed5481b5d5eea0e79bc780bf89dbb4bd50b5a387db3a6253c6

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
GET /favicon.ico HTTP/1.1
Host: www.autobit.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
151.80.174.52
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
Date: Wed, 16 May 2018 21:42:35 GMT
Server: Apache
Keep-Alive: timeout=5, max=119
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
                                        
GET /favicon.ico HTTP/1.1
Host: www.autobit.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
151.80.174.52
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
Date: Wed, 16 May 2018 21:42:38 GMT
Server: Apache
Keep-Alive: timeout=5, max=118
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
                                        
GET /arc/one/ HTTP/1.1
Host: condogastown.ca
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
0.0.0.0


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Phishing