Report - www.is.gd/a9DRzE/

Report Overview

Visited public
2025-01-22 15:29:12
Tags
Submit Tags
URL
www.is.gd/a9DRzE/
Finishing URL
seanmconnmynlty.com/tryut/ciout/viopol
IP / ASN
104.25.233.53
#13335 CLOUDFLARENET
Title
seanmconnmynlty.com/tryut/ciout/viopol

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
seanmconnmynlty.com	unknown	2025-01-17	2025-01-22	2025-01-22	492 B	1.6 kB	104.21.64.1
www.is.gd	unknown	2007-09-12	2014-05-28	2025-01-13	473 B	592 B	104.25.234.53

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2025-01-20	medium	seanmconnmynlty.com/tryut/ciout/viopol	Steam
2025-01-21	medium	www.is.gd/a9DRzE/	Steam

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-01-22	medium	seanmconnmynlty.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

GET seanmconnmynlty.com/tryut/ciout/viopol

104.21.64.1

404 Not Found

355 B

URL User Request GET HTTP/2
seanmconnmynlty.com/tryut/ciout/viopol
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectseanmconnmynlty.com
Fingerprint58:2F:78:E6:9D:D4:C8:F3:06:9E:AB:90:08:9B:B1:E4:46:BE:D1:A9
ValidityTue, 21 Jan 2025 17:36:46 GMT - Mon, 21 Apr 2025 18:36:40 GMT

File type
gzip compressed data, from Unix
Size
355 B (355 bytes)
Hash
d5163d1687b4eb3464787cc770038fc4
5ec074b2f910e9c06ee0fdff9ac8156e173b5b8c
4ba485f458e97ecc9eb79079e0e2146985c52358eff3542f442d395c599324aa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tryut/ciout/viopol HTTP/1.1
Host: seanmconnmynlty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Wed, 22 Jan 2025 15:28:47 GMT
content-type: application/json; charset=utf-8
content-encoding: gzip
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fcJiWf63dcoc%2FK7wvnRjrtLDVhXEc8IVbh2dyT3%2BO6ATrfbFxyHxvnA1JHg91X%2BgpCrBz2F8dHMZz%2BtyjrPBFawgU7qaNjBqcJ5rIL2F6jU%2B7LVrWXyWh46tyQyuthdsqsQwIFQP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90609366df3356a5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6074&min_rtt=428&rtt_var=11305&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3300&recv_bytes=1265&delivery_rate=8134831&cwnd=254&unsent_bytes=0&cid=4302dc25e283f4f0&ts=294&x=0"
X-Firefox-Spdy: h2

GET www.is.gd/a9DRzE/

104.25.234.53

301 Moved Permanently

65 B

URL User Request GET HTTP/2
www.is.gd/a9DRzE/
IP
104.25.234.53:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectis.gd
Fingerprint4B:AF:30:31:1B:9C:CC:0F:3A:4C:AA:DA:01:8C:64:CF:28:92:B7:D2
ValidityTue, 31 Dec 2024 00:35:28 GMT - Mon, 31 Mar 2025 01:35:26 GMT

File type

Size
65 B (65 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam

HTTP Headers

GET /a9DRzE/ HTTP/1.1
Host: www.is.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Wed, 22 Jan 2025 15:28:47 GMT
content-type: text/html; charset=UTF-8
location: https://seanmconnmynlty.com/tryut/ciout/viopol
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=D0t9g8Nrd0iAR9AOHycN8zZoLX77f3aOMaBs9H01cMk-1737559727-1.0.1.1-Cohg7_JiLIkK0dj74fMywMDbkOjlntPfnMlL8CpFYjJgqth9W16036za2fko6gKG9uYVSp6DgYlVLKXZ8LtTJQ; path=/; expires=Wed, 22-Jan-25 15:58:47 GMT; domain=.is.gd; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 906093638e865684-OSL
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers