Report - encurtador.dev/redirecionamento/Vn7Rp

Report Overview

Submitted URL
encurtador.dev/redirecionamento/Vn7Rp
IP
216.239.36.21
ASN
#15169 GOOGLE
Submitted
2024-04-18 07:51:33
Access
public
Website Title
Encurtador de Link
Final URL
www.encurtador.dev/redirecionamento/Vn7Rp
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
encurtador.dev	unknown	2021-10-07	2021-10-20	2024-03-23	491 B	518 B	216.239.36.21
www.encurtador.dev	unknown	2021-10-07	2022-12-04	2024-03-28	2.5 kB	86 kB	54.230.111.6
dr-api.encurtador.dev	unknown	2021-10-07	2022-09-05	2024-03-23	1.0 kB	627 B	34.205.184.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	encurtador.dev	Sinkholed
2024-04-18	medium	encurtador.dev	Sinkholed
2024-04-18	medium	encurtador.dev	Sinkholed
2024-04-18	medium	encurtador.dev	Sinkholed
2024-04-18	medium	encurtador.dev	Sinkholed
2024-04-18	medium	encurtador.dev	Sinkholed
2024-04-18	medium	encurtador.dev	Sinkholed
2024-04-18	medium	encurtador.dev	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	www.encurtador.dev/redirecionamento/Vn7Rp	107 B	2023-03-08	2024-04-26
Pretty URL www.encurtador.dev/redirecionamento/Vn7Rp IP 54.230.111.6 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 05:26:18 Last Seen2024-04-26 23:17:09 Times Seen41 Hash 20b42caef36a07edadeaaabde8e27984 6ff4f3b3111694fc29b23771ed929cdc0c80bd29 e42185559b31fac5bbbbcc2f7c81a19ac5fcd4f79a1148f656186a862ea7238d Loading...

	www.encurtador.dev/assets/js/26b7b9bd1e4e4e27389d0f2ebb08c9841595067b.redirecionamento.js	27 kB	2023-07-18	2024-04-26
Pretty URL www.encurtador.dev/assets/js/26b7b9bd1e4e4e27389d0f2ebb08c9841595067b.redirecionamento.js IP 54.230.111.6 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-18 12:53:41 Last Seen2024-04-26 23:17:09 Times Seen35 Hash 3e967e9653c48ab8dae7e2bf093f85d0 00455b91597e03eee3ec47e76293f67390c4b1b6 5d93fa2ec48cf202a2f2f907dddd367f4652505e0361ae7c162ff57a084adb27 Loading...

HTTP Transactions (8)

URL IP Response Size

encurtador.dev/redirecionamento/Vn7Rp

216.239.36.21

301 Moved Permanently

246 B

URL User Request GET HTTP/2
encurtador.dev/redirecionamento/Vn7Rp
IP
216.239.36.21:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectencurtador.dev
FingerprintCE:04:E7:D7:C0:89:5A:90:26:EE:DC:91:36:51:A7:FA:7E:31:CF:E6
ValiditySun, 17 Mar 2024 11:16:57 GMT - Sat, 15 Jun 2024 12:07:29 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
246 B (246 bytes)
Hash
d0eb2fdfaaa2593dfdd60c770c5330b3
534edf5990b23b70de2a9ba015665b88a8f37366
f376909551e17c7b897bf997eb19deff991c828d57d89f39d18f8e8faaed1922

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /redirecionamento/Vn7Rp HTTP/1.1
Host: encurtador.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://www.encurtador.dev/redirecionamento/Vn7Rp
date: Thu, 18 Apr 2024 07:51:08 GMT
content-type: text/html; charset=UTF-8
server: ghs
content-length: 246
x-xss-protection: 0
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2

www.encurtador.dev/assets/js/26b7b9bd1e4e4e27389d0f2ebb08c9841595067b.redirecionamento.js

54.230.111.6

200 OK

26 kB

URL GET HTTP/2
www.encurtador.dev/assets/js/26b7b9bd1e4e4e27389d0f2ebb08c9841595067b.redirecionamento.js
IP
54.230.111.6:443
ASN
#16509 AMAZON-02

Requested by
https://www.encurtador.dev/redirecionamento/Vn7Rp
Certificate
IssuerAmazon
Subjectencurtador.dev
Fingerprint46:29:7B:DC:AC:DE:A6:CE:F1:26:BB:05:07:13:57:34:16:37:05:01
ValidityTue, 08 Aug 2023 00:00:00 GMT - Thu, 05 Sep 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (26366), with no line terminators
Size
26 kB (26538 bytes)
Hash
e02342ac66864d7fa09632252c6303db
a414cbcda3a35ce4ec0b780acb1121ea601cbea6
01a42da404cea7f2653981ecb2b9c60b65fc77902f438732c1fe249db0e90964

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/26b7b9bd1e4e4e27389d0f2ebb08c9841595067b.redirecionamento.js HTTP/1.1
Host: www.encurtador.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.encurtador.dev/redirecionamento/Vn7Rp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Fri, 12 Jan 2024 23:32:12 GMT
last-modified: Fri, 12 Jan 2024 23:32:05 GMT
etag: W/"e02342ac66864d7fa09632252c6303db"
x-amz-server-side-encryption: AES256
cache-control: 3600
expires: Tue, 01 Jan 2030 00:00:00 GMT
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Tacsuq8sbumhg-Ir7Sa_hzVn79F6hm7dzKtVQ-IOnK0fa-HMr0z2bA==
age: 8324338
X-Firefox-Spdy: h2

www.encurtador.dev/assets/icons/icon-192x192.png

54.230.111.6

200 OK

6.6 kB

URL GET HTTP/2
www.encurtador.dev/assets/icons/icon-192x192.png
IP
54.230.111.6:443
ASN
#16509 AMAZON-02

Requested by
https://www.encurtador.dev/redirecionamento/Vn7Rp
Certificate
IssuerAmazon
Subjectencurtador.dev
Fingerprint46:29:7B:DC:AC:DE:A6:CE:F1:26:BB:05:07:13:57:34:16:37:05:01
ValidityTue, 08 Aug 2023 00:00:00 GMT - Thu, 05 Sep 2024 23:59:59 GMT

File type
PNG image data, 192 x 192, 8-bit colormap, non-interlaced
Size
6.6 kB (6552 bytes)
Hash
0541c5dbe2cfbe6ad5a7b515e6ab9067
999c2752c9578e394bf2954ce6a5e76112440be8
49a41c3ceb01fad6ab47e2bd3456034c960adb6e4d9b8901ccbfdaebbf752404

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/icon-192x192.png HTTP/1.1
Host: www.encurtador.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.encurtador.dev/redirecionamento/Vn7Rp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 6552
date: Sat, 13 Jan 2024 00:07:33 GMT
last-modified: Fri, 12 Jan 2024 23:32:05 GMT
etag: "0541c5dbe2cfbe6ad5a7b515e6ab9067"
x-amz-server-side-encryption: AES256
cache-control: 3600
expires: Tue, 01 Jan 2030 00:00:00 GMT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WuvUDkoWwY1m1abvY0JuIsVN-HCFCld7cttjC9OpyiGKc8AFQ5nVGw==
age: 8322217
X-Firefox-Spdy: h2

dr-api.encurtador.dev/encurtamentos/Vn7Rp

34.205.184.226

204 No Content

0 B

URL OPTIONS HTTP/2
dr-api.encurtador.dev/encurtamentos/Vn7Rp
IP
34.205.184.226:443
ASN
#14618 AMAZON-AES

Requested by
https://www.encurtador.dev/redirecionamento/Vn7Rp
Certificate
IssuerAmazon
Subjectencurtador.dev
Fingerprint46:29:7B:DC:AC:DE:A6:CE:F1:26:BB:05:07:13:57:34:16:37:05:01
ValidityTue, 08 Aug 2023 00:00:00 GMT - Thu, 05 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /encurtamentos/Vn7Rp HTTP/1.1
Host: dr-api.encurtador.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.encurtador.dev/
Origin: https://www.encurtador.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Thu, 18 Apr 2024 07:51:09 GMT
access-control-allow-origin: https://www.encurtador.dev
access-control-allow-methods: *
access-control-allow-headers: *
vary: origin
access-control-max-age: 3600
apigw-requestid: WaWVJihyoAMEYag=
X-Firefox-Spdy: h2

dr-api.encurtador.dev/encurtamentos/Vn7Rp

34.205.184.226

204 No Content

114 B

URL OPTIONS HTTP/2
dr-api.encurtador.dev/encurtamentos/Vn7Rp
IP
34.205.184.226:443
ASN
#14618 AMAZON-AES

Requested by
https://www.encurtador.dev/redirecionamento/Vn7Rp
Certificate
IssuerAmazon
Subjectencurtador.dev
Fingerprint46:29:7B:DC:AC:DE:A6:CE:F1:26:BB:05:07:13:57:34:16:37:05:01
ValidityTue, 08 Aug 2023 00:00:00 GMT - Thu, 05 Sep 2024 23:59:59 GMT

File type
JSON text data
Size
114 B (114 bytes)
Hash
a3d1916f27f094a3e819fb2aaf5f441b
890e08e1b761815abbac68227de2f86aa7b72202
741981c87f0622e848b567385ee2ee5b128e20dae3611cb99e839d8f40a00176

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /encurtamentos/Vn7Rp HTTP/1.1
Host: dr-api.encurtador.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Origin: https://www.encurtador.dev
DNT: 1
Connection: keep-alive
Referer: https://www.encurtador.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:51:09 GMT
content-type: application/json
content-length: 114
access-control-allow-origin: https://www.encurtador.dev
vary: origin
apigw-requestid: WaWVKgaGIAMEMDw=
X-Firefox-Spdy: h2

www.encurtador.dev/assets/css/26b7b9bd1e4e4e27389d0f2ebb08c9841595067b.style.css

54.230.111.6

200 OK

17 kB

URL GET HTTP/2
www.encurtador.dev/assets/css/26b7b9bd1e4e4e27389d0f2ebb08c9841595067b.style.css
IP
54.230.111.6:443
ASN
#16509 AMAZON-02

Requested by
https://www.encurtador.dev/redirecionamento/Vn7Rp
Certificate
IssuerAmazon
Subjectencurtador.dev
Fingerprint46:29:7B:DC:AC:DE:A6:CE:F1:26:BB:05:07:13:57:34:16:37:05:01
ValidityTue, 08 Aug 2023 00:00:00 GMT - Thu, 05 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (16794), with no line terminators
Size
17 kB (16794 bytes)
Hash
9d10a760011535bef40e0f19bf220611
6ee9083d84d3390b94000ec2ee25966b935f29d3
74cb0fd4d253e7acf34668943eb8af66307f66b5fc7cc854f5db66bb1caaef74

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/26b7b9bd1e4e4e27389d0f2ebb08c9841595067b.style.css HTTP/1.1
Host: www.encurtador.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.encurtador.dev/redirecionamento/Vn7Rp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
date: Fri, 12 Jan 2024 23:32:12 GMT
last-modified: Fri, 12 Jan 2024 23:32:05 GMT
etag: W/"9d10a760011535bef40e0f19bf220611"
x-amz-server-side-encryption: AES256
cache-control: 3600
expires: Tue, 01 Jan 2030 00:00:00 GMT
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mhJ8TYL1ofQFtoNCyyZxS2HcN2YJNCj-Mqd1SEF81oukJ40ApkuopQ==
age: 8324338
X-Firefox-Spdy: h2

www.encurtador.dev/assets/images/sprites.webp

54.230.111.6

200 OK

19 kB

URL GET HTTP/2
www.encurtador.dev/assets/images/sprites.webp
IP
54.230.111.6:443
ASN
#16509 AMAZON-02

Requested by
https://www.encurtador.dev/redirecionamento/Vn7Rp
Certificate
IssuerAmazon
Subjectencurtador.dev
Fingerprint46:29:7B:DC:AC:DE:A6:CE:F1:26:BB:05:07:13:57:34:16:37:05:01
ValidityTue, 08 Aug 2023 00:00:00 GMT - Thu, 05 Sep 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
19 kB (18754 bytes)
Hash
b074ae989afb5f0978ea02e3fa2c1064
0e1abe04aa1fdf614ba5e8c5cfea6148f07e8554
94f285306ce3c8e7a752d63b1f56765d1b61782a065ba767f9f5472f193db81b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/sprites.webp HTTP/1.1
Host: www.encurtador.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.encurtador.dev/assets/css/26b7b9bd1e4e4e27389d0f2ebb08c9841595067b.style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
content-length: 18754
date: Sat, 13 Jan 2024 00:57:00 GMT
last-modified: Fri, 12 Jan 2024 23:32:05 GMT
etag: "b074ae989afb5f0978ea02e3fa2c1064"
x-amz-server-side-encryption: AES256
cache-control: 3600
expires: Tue, 01 Jan 2030 00:00:00 GMT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pseXsxaEvkYnt_o27ruBcQP_WCuBc1JJ63Xx18E72gCeJviw65ka6Q==
age: 8319250
X-Firefox-Spdy: h2

www.encurtador.dev/redirecionamento/Vn7Rp

54.230.111.6

200 OK

14 kB

URL User Request GET HTTP/2
www.encurtador.dev/redirecionamento/Vn7Rp
IP
54.230.111.6:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjectencurtador.dev
Fingerprint46:29:7B:DC:AC:DE:A6:CE:F1:26:BB:05:07:13:57:34:16:37:05:01
ValidityTue, 08 Aug 2023 00:00:00 GMT - Thu, 05 Sep 2024 23:59:59 GMT

File type

Size
14 kB (14157 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /redirecionamento/Vn7Rp HTTP/1.1
Host: www.encurtador.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
date: Wed, 17 Apr 2024 09:41:31 GMT
last-modified: Fri, 12 Jan 2024 23:32:05 GMT
etag: W/"e4b7bd235bf271bd0cc8741032f0cb72"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LC5nzq4IlFIVdN9RbUJWlJ0sL-eiwcmefKa1twkF53kte5Uy0Gcl7A==
age: 79778
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (8)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL OPTIONS HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers