Overview

URL: https://is.gd/mUrTEE
IP: 104.31.14.172
ASN: AS13335 CloudFlare, Inc.
Location: United States
Report completed: 2018-06-13 22:04:17 CEST
urlQuery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified | Severity | Host | Comment
2018-06-13 | 2 | alselecsas.com.co/me/Indexxatt.htm | Phishing
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 104.31.14.172

Date | UQ / IDS / BL | URL | IP
2018-06-21 17:05:50 +0200 | 0 - 0 - 0 | https://is.gd/x3yvrc | 104.31.14.172
2018-06-20 16:16:57 +0200 | 0 - 0 - 0 | https://is.gd/6JykkT | 104.31.14.172
2018-06-20 11:58:42 +0200 | 0 - 0 - 2 | https://is.gd/W1G1ZB | 104.31.14.172
2018-06-18 14:28:36 +0200 | 0 - 0 - 2 | https://is.gd/W1G1ZB | 104.31.14.172
2018-06-15 19:01:00 +0200 | 0 - 1 - 0 | is.gd/t6kDdQ | 104.31.14.172
2018-06-14 20:05:48 +0200 | 0 - 0 - 0 | https://is.gd/primtimes | 104.31.14.172
2018-06-14 20:01:39 +0200 | 2 - 0 - 1 | https://is.gd/YYK3Cj | 104.31.14.172
2018-06-14 15:03:58 +0200 | 0 - 0 - 1 | https://is.gd/mUrTEE | 104.31.14.172
2018-06-14 13:12:23 +0200 | 0 - 0 - 1 | https://is.gd/N7yxay | 104.31.14.172
2018-06-13 18:00:28 +0200 | 0 - 0 - 1 | https://is.gd/N7yxay | 104.31.14.172

Last 10 reports on ASN: AS13335 CloudFlare, Inc.

Date | UQ / IDS / BL | URL | IP
2018-06-22 17:35:58 +0200 | 0 - 0 - 0 | citygov.ancorathemes.com/forums/topic/torrent (...) | 104.25.170.98
2018-06-22 17:34:31 +0200 | 0 - 0 - 0 | citygov.ancorathemes.com/forums/topic/torrent (...) | 104.25.170.98
2018-06-22 17:33:13 +0200 | 0 - 0 - 0 | citygov.ancorathemes.com/forums/topic/torrent (...) | 104.25.169.98
2018-06-22 17:32:03 +0200 | 0 - 0 - 0 | citygov.ancorathemes.com/forums/topic/torrent (...) | 104.25.170.98
2018-06-22 17:30:45 +0200 | 0 - 0 - 0 | citygov.ancorathemes.com/forums/topic/torrent (...) | 104.25.169.98
2018-06-22 17:28:06 +0200 | 0 - 0 - 0 | citygov.ancorathemes.com/forums/topic/tag-201 (...) | 104.25.170.98
2018-06-22 17:27:48 +0200 | 0 - 0 - 0 | www.kqrjvvfqtymrh.net | 104.31.81.191
2018-06-22 17:26:52 +0200 | 0 - 0 - 0 | freegeoip.net | 104.25.148.25
2018-06-22 17:26:43 +0200 | 0 - 0 - 0 | https://prod2.beeline.com | 104.16.58.62
2018-06-22 17:25:23 +0200 | 0 - 0 - 0 | https://tinyurl.com/yc8au2j2 | 104.20.218.42

Last 10 reports on domain: is.gd

Date | UQ / IDS / BL | URL | IP
2018-06-22 01:33:01 +0200 | 0 - 0 - 0 | is.gd | 104.31.15.172
2018-06-21 17:05:50 +0200 | 0 - 0 - 0 | https://is.gd/x3yvrc | 104.31.14.172
2018-06-20 22:41:27 +0200 | 0 - 1 - 0 | is.gd/t6kDdQ | 104.31.15.172
2018-06-20 16:16:57 +0200 | 0 - 0 - 0 | https://is.gd/6JykkT | 104.31.14.172
2018-06-20 11:58:42 +0200 | 0 - 0 - 2 | https://is.gd/W1G1ZB | 104.31.14.172
2018-06-19 22:01:32 +0200 | 0 - 0 - 1 | https://is.gd/N7yxay | 104.31.15.172
2018-06-19 18:51:00 +0200 | 0 - 0 - 2 | https://is.gd/N6M3ri | 104.31.15.172
2018-06-18 14:28:36 +0200 | 0 - 0 - 2 | https://is.gd/W1G1ZB | 104.31.14.172
2018-06-18 04:42:31 +0200 | 0 - 0 - 1 | https://is.gd/N7yxay | 104.31.15.172
2018-06-16 08:04:20 +0200 | 0 - 1 - 0 | is.gd/t6kDdQ | 104.31.15.172


JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (4)


Request Response
                                        
POST / HTTP/1.1
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

91.135.34.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Last-Modified: Wed, 13 Jun 2018 04:42:52 GMT
Etag: 00594483A603FDC8C2D1D9A1BC93F0B325CF1F3E
X-OCSP-Responder-ID: rmdccaocsp17
Content-Length: 279
Cache-Control: public, no-transform, must-revalidate, max-age=1800
Expires: Wed, 13 Jun 2018 20:33:46 GMT
Date: Wed, 13 Jun 2018 20:03:46 GMT
Connection: keep-alive

--- Additional Info ---
Magic:  data
Size:   279
Md5:    661e076ec74d81d81047f6e800133661
Sha1:   00594483a603fdc8c2d1d9a1bc93f0b325cf1f3e
Sha256: cb4956699dc5dafefb7c8e045f5353a76698e918c793193190d72073b120f314
                                        
POST / HTTP/1.1
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

91.135.34.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Last-Modified: Tue, 12 Jun 2018 01:16:20 GMT
Etag: 5C5063D02D7F0CC9E2FEDB13F269E70D01D6D352
X-OCSP-Responder-ID: rmdccaocsp17
Content-Length: 313
Cache-Control: public, no-transform, must-revalidate, max-age=1572
Expires: Wed, 13 Jun 2018 20:29:58 GMT
Date: Wed, 13 Jun 2018 20:03:46 GMT
Connection: keep-alive

--- Additional Info ---
Magic:  data
Size:   313
Md5:    2d854403e13826e5d83f8ece896ea3e2
Sha1:   5c5063d02d7f0cc9e2fedb13f269e70d01d6d352
Sha256: 126a9c178e1d62caace2fa38037ce4cd73efe1dbab6e05e9b3145f2219f27d38
                                        
GET /mUrTEE HTTP/1.1
Host: is.gd
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

104.31.14.172
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Date: Wed, 13 Jun 2018 20:03:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d2ff6aa03e94c624e3d1cfec2917829211528920226; expires=Thu, 13-Jun-19 20:03:46 GMT; path=/; domain=.is.gd; HttpOnly
X-Powered-By: PHP/5.5.9-1ubuntu4.16
Location: https://alselecsas.com.co/me/Indexxatt.htm
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 42a729973a1642a9-OSL

--- Additional Info ---
                                        
GET /me/Indexxatt.htm HTTP/1.1
Host: alselecsas.com.co
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

0.0.0.0
                                        


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Phishing