{"report_id":"78f6cba5-8d31-47c7-bcea-d588f21a91b7","version":6,"status":"done","tags":[],"date":"2025-11-24T23:50:10Z","url":{"schema":"http","addr":"shrty.site/videos?invite=38YG0","fqdn":"shrty.site","domain":"shrty.site","tld":"site"},"ip":{"addr":"104.21.5.150","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"shrty.site/videos?invite=38YG0","fqdn":"shrty.site","domain":"shrty.site","tld":"site"},"title":"ShrtY — Teeny Tiny Links","dom":{"size":9484,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"7fc9238ca07a0d27cf0f2e745b5c7d5f","sha1":"00c2e4fb689373a9a874874a3ba689f22cd699d1","sha256":"54c616af8fe0da24e762d84803d92c9c2f35260fe0f040b345a2aea5cca6ef88","sha512":"ef5a564d9f7279bbabb331a94e8949787234b0f94854890982bb29a3b2650b4aa549e1c6153a874762d764cf9affad021d26710123664d1c27829bdb4129b89d","ssdeep":"192:qf/g2Ac43pTFi8V+USx1FflligNwR1Pd3bTBKH8AOHugd+p+ryhAeStSgfW:gN2d3ydtSTu","tlshash":"f612a6671ae30869b81394a46fe747077a54a023c409d9783fdc5298cfc6ef59ad173c","dom_hash":"domhash3aefb10a3a7813575461c85127ff2f61","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"shrty.site/videos?invite=38YG0","fqdn":"shrty.site","domain":"shrty.site","tld":"site"},"ip":{"addr":"104.21.5.150","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-29T23:50:10Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"shrty.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"shrty.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"shrty.site","ip":{"addr":"104.21.5.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-31","domain_rank":0,"first_seen":"2025-11-09T13:43:19.819358Z","last_seen":"2025-11-09T13:43:19.819358Z","alert_count":2,"request_count":1,"received_data":10013,"sent_data":498,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-11-23T22:13:43.05661Z","alert_count":0,"request_count":1,"received_data":1083,"sent_data":448,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-11-23T22:13:29.69009Z","alert_count":0,"request_count":1,"received_data":20755,"sent_data":525,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"shrty.site/videos?invite=38YG0","fqdn":"shrty.site","domain":"shrty.site","tld":"site"},"ip":{"addr":"104.21.5.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"fcc880bb1f7a75a442dbaae1258ec403","sha1":"9bbde60d8e5751e6d59e60c14336ce89b6f500e7","sha256":"e005890b9499f72c44b71830efc416408d911f1310baf2a3cf265b9616fdf6dc","sha512":"214666741777fbeac68d21aa0239ff1a70dd269d8247a3cc641c87551ee825c4947dbd7649f7267463211afb0976a0f9e411190415ac50ea9927165249169405","ssdeep":"","tlshash":"dd1199372a730c04c56b541aa3aec859b520402f6e80ca43777e08b90fc0d3479e25b8","size":860,"data":"","first_seen":"2025-11-24T23:50:10.812649Z","last_seen":"2025-11-24T23:50:10.812649Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"shrty.site/videos?invite=38YG0","fqdn":"shrty.site","domain":"shrty.site","tld":"site"},"ip":{"addr":"104.21.5.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-24T23:49:47.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shrty.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 31 Oct 2025 18:42:10 GMT","end":"Thu, 29 Jan 2026 19:42:08 GMT"},"fingerprint":{"sha1":"71:95:0D:25:B5:19:EA:9A:E0:4E:8D:48:0E:90:94:5E:3E:D9:DA:1A","sha256":"05:8E:B3:FA:DB:1D:D9:B5:35:E8:BC:B7:78:56:A9:A5:8B:16:9E:28:76:52:71:34:9C:31:17:3F:86:78:55:EB"}}},"request":{"raw":"GET /videos?invite=38YG0 HTTP/1.1\r\nHost: shrty.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 23:49:47 GMT\r\ncontent-type: text/html\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f0v9vt7o0osyNX9pxHfIVXuFoSFCKzsqBhbVv0osNW%2Fw8Nrm3T8XbIBJR5bwHq7Cd7kbZkDnCg1JM4%2BomXxZ%2BCsZSTYvVOj8\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9a3cce0d68157127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9504,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"ff01a465640cc3dcf0de1939e33f8806","sha1":"3e043a49548313fc73de183d2b348782fdbd5bb7","sha256":"d3e6fcf534c6a48a0bc662b903379fe63780b4942e03353216fe7d16616e0d9a","sha512":"a0a5a9d399385d1f7c59b6eaa26b5227f252b42d5a9576e43adbff312186fa39631f9bf9ec57d7b1774a16cb09a0189fd5e4f5ba372cad415a617f46a9b424b1","ssdeep":"192:A3/g2Ac43pTFi8V+USx1FflligNwR1Pd3bTBKH8AOHugd+p+ryhAeSESgfW:EN2d3ydtSoO","tlshash":"1412966b1ae30869b80394a46fe757077a54a023c409d9783fdc5298cfc6ef59ad173c","first_seen":"2025-11-24T23:50:10.810491Z","last_seen":"2025-11-24T23:50:10.810491Z","times_seen":1,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":56,"dns":37,"connect":1,"send":0,"wait":54,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"shrty.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"shrty.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Chewy\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://shrty.site/videos?invite=38YG0","date":"2025-11-24T23:49:48.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"86:F4:DF:07:D6:8D:EF:68:44:7A:73:C8:39:14:1A:2F:98:5E:A2:40","sha256":"A0:B7:4F:94:25:40:33:52:BC:F7:0A:E1:AD:30:BD:19:C3:E9:BB:25:0B:05:26:7C:F8:BB:F0:59:3B:E7:F2:8D"}}},"request":{"raw":"GET /css2?family=Chewy\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://shrty.site/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 24 Nov 2025 23:49:48 GMT\r\ndate: Mon, 24 Nov 2025 23:49:48 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":397,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"553a7b490e275d0ed30bf775305e9623","sha1":"9b8532eb6c8687e9e7848ce90cbbba2735cb8e28","sha256":"25e31e407b2d7d08ba15f8516668995e88a4357129a53bf6ed984c2ade6f633a","sha512":"0f95597d3d9717a5305287ed97d65a9e9ce9370425526c00b37da111b6e4202c5ddad6f2beeb35d672fd5ab0f2b50db4edec89cf373ff97229f91a54700bf5dd","ssdeep":"","tlshash":"afe061c10826a500e7a35cc113dd7a32de0e90506440d9749bfe14d8bc55c56539371d","first_seen":"2025-04-10T16:17:53.713556Z","last_seen":"2026-04-22T14:42:29.997492Z","times_seen":53,"resource_available":false,"data":null}},"time_used":410,"timings":{"blocked":187,"dns":1,"connect":15,"send":0,"wait":35,"receive":0,"ssl":168},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/chewy/v18/uK_94ruUb-k-wn52KjI.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://shrty.site/videos?invite=38YG0","date":"2025-11-24T23:49:48.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:57 GMT","end":"Mon, 19 Jan 2026 08:34:56 GMT"},"fingerprint":{"sha1":"A9:72:6E:D8:AB:26:CE:26:35:A4:39:55:24:08:04:0F:24:56:E8:8C","sha256":"65:84:7B:FE:24:02:CE:3E:DB:6E:1C:6B:B8:FC:99:F5:A5:65:83:F1:66:75:ED:20:20:63:06:ED:27:8A:82:FE"}}},"request":{"raw":"GET /s/chewy/v18/uK_94ruUb-k-wn52KjI.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://shrty.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 19920\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 19 Nov 2025 17:29:22 GMT\r\nexpires: Thu, 19 Nov 2026 17:29:22 GMT\r\ncache-control: public, max-age=31536000\r\nage: 454826\r\nlast-modified: Tue, 19 Apr 2022 19:00:30 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19920,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 19920, version 1.0","md5":"754c4def845e64948e4e2db385078c00","sha1":"49365281be547c02a001fb7909cdfad1ba518afe","sha256":"5fb894030e4ade4d9f76ede985bc96d468bcb923fcd4b908a5d8e38178819dc4","sha512":"d32f58a5afbbe0f941c9db61bca0a290746acd970b33d1ee16594db453ac48b01084258203e4c48a3dbdec06759932d30cc49ef3be50b3cf3b37e9724360a23c","ssdeep":"384:oJ9aEoCqzZXqHe0lR7rfn1Ypqe9z26oQO6HIQGZKAn00jKU:oJ04HjFrfapqKQQJIjXbjJ","tlshash":"b992d1549bef0c1cc1c50ae9a747a29cead4f5978c007c534ac6aca5f959bec21874fc","first_seen":"2023-04-14T23:57:45Z","last_seen":"2026-04-22T14:42:30.021847Z","times_seen":417,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":109,"dns":1,"connect":20,"send":0,"wait":21,"receive":7,"ssl":85},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}