Report - www.rojadirecta.me/

Report Overview

Visitedpublic

2025-07-19 22:27:18

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
www.rojadirecta.me	458932	2011-01-24	2013-01-30	2025-07-17	1.3 kB	2.8 kB	52.223.39.56
77fa1a6ecb04.01691059.us-east-1.token.awswaf.com	unknown	2015-10-05	2024-12-07	2025-07-19	1.6 kB	1.1 MB	54.240.174.33

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2025-07-19	medium	77fa1a6ecb04.01691059.us-east-1.token.awswaf.com/77fa1a6ecb04/04b9781908b7/df99f9afaaa1/challenge.js	Unique code from Jetriz, Swid & Jeniva of the Tetris framework
2025-07-19	medium	javascript.script.md5:2c3e1faa0a31dc58298c5ca7538d4c1b	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

URL

From

Size

First Seen

Last Seen

www.rojadirecta.me/

ScriptElement

765 B

2025-07-19

www.rojadirecta.me/

ScriptElement

462 B

2025-03-03

2025-08-01

77fa1a6ecb04.01691059.us-east-1.token.awswaf.com/77fa1a6ecb04/04b9781908b7/df99f9afaaa1/challenge.js

ScriptElement

1.1 MB

2025-07-19

URL

77fa1a6ecb04.01691059.us-east-1.token.awswaf.com/77fa1a6ecb04/04b9781908b7/df99f9afaaa1/challenge.js

IP / ASN

54.240.174.33

#16509 AMAZON-02

Introduced by ScriptElement

Embedded false

Resource Info

First Seen 2025-07-19

Last Seen 2025-07-19

Times Seen 1

Size 1.1 MB (1099405 bytes)

MD5 2c3e1faa0a31dc58298c5ca7538d4c1b

SHA1 f645cc414da670ed469e8974c2ab48b1e09fd40b

SHA256 5fdc4174bb1eb074b78387ee6bd4c4166a2789167387342de0b9332d7e6e720c

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

Format Code

HTTP Transactions (6)

URL IP Response Size

GET www.rojadirecta.me/

52.223.39.56

202 Accepted

2.0 kB

URL

www.rojadirecta.me/

IP / ASN

52.223.39.56

#16509 AMAZON-02

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (398)

First Seen2025-07-19

Last Seen2025-07-19

Times Seen1

Size2.0 kB (1991 bytes)

MD5604642b70fd2a8997d12be914fbc194b

SHA140e9a804436778fe50551db645eb40a6e4501680

SHA25620db1f469a0acf69356c28f655841057494a319c82b92a69fbbd547df1dc6add

HTTP Headers

GET / HTTP/1.1
Host: www.rojadirecta.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 202 Accepted
Server: awselb/2.0
Date: Sat, 19 Jul 2025 22:26:56 GMT
Content-Length: 1991
Connection: keep-alive
x-amzn-waf-action: challenge
Cache-Control: no-store, max-age=0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: OPTIONS,GET,POST
Access-Control-Allow-Headers: x-amzn-waf-action

GET 77fa1a6ecb04.01691059.us-east-1.token.awswaf.com/77fa1a6ecb04/04b9781908b7/df99f9afaaa1/challenge.js

54.240.174.33

200 OK

1.1 MB

URL

77fa1a6ecb04.01691059.us-east-1.token.awswaf.com/77fa1a6ecb04/04b9781908b7/df99f9afaaa1/challenge.js

IP / ASN

54.240.174.33

#16509 AMAZON-02

Requested byhttp://www.rojadirecta.me/

Resource Info

File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators

First Seen2025-07-19

Last Seen2025-07-19

Times Seen1

Size1.1 MB (1099405 bytes)

MD52c3e1faa0a31dc58298c5ca7538d4c1b

SHA1f645cc414da670ed469e8974c2ab48b1e09fd40b

SHA2565fdc4174bb1eb074b78387ee6bd4c4166a2789167387342de0b9332d7e6e720c

Certificate Info

IssuerAmazon

Subject*.01691059.us-east-1.token.awswaf.com

Fingerprint22:EA:47:8C:45:F0:DA:44:69:17:F4:16:3A:F6:DF:B0:9E:06:EA:40

ValiditySat, 05 Apr 2025 00:00:00 GMT - Sun, 03 May 2026 23:59:59 GMT

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

HTTP Headers

GET /77fa1a6ecb04/04b9781908b7/df99f9afaaa1/challenge.js HTTP/1.1
Host: 77fa1a6ecb04.01691059.us-east-1.token.awswaf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.rojadirecta.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript
date: Sat, 19 Jul 2025 22:26:57 GMT
expires: 0
x-amzn-waf-challenge-id: Root=1-687c1bb1-28962fa65644fa811def4070
cache-control: private, max-age=86400, stale-while-revalidate=604800
last-modified: Sat, 19 Jul 2025 22:26:57 +0000
pragma: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Y0KjHzKd4fk_JMUUgAq85l6peJsYWWNjMH1UfE5sK0ODczpfXydvAw==
X-Firefox-Spdy: h2

GET 77fa1a6ecb04.01691059.us-east-1.token.awswaf.com/77fa1a6ecb04/04b9781908b7/df99f9afaaa1/inputs?client=browser

54.240.174.33

200 OK

477 B

URL

77fa1a6ecb04.01691059.us-east-1.token.awswaf.com/77fa1a6ecb04/04b9781908b7/df99f9afaaa1/inputs?client=browser

IP / ASN

54.240.174.33

#16509 AMAZON-02

Requested byhttp://www.rojadirecta.me/

Resource Info

File typeJSON text data

First Seen2025-07-19

Last Seen2025-07-19

Times Seen1

Size477 B (477 bytes)

MD5aa9f8dc899299eacbbff8726e3794fc0

SHA14669031868c3331d5a670796cebf411570bcba80

SHA25647471a3d039efe26ae3090eb54a0fa75519ba9f5b2f9e29167ce05d9ed5b0ad1

Certificate Info

IssuerAmazon

Subject*.01691059.us-east-1.token.awswaf.com

Fingerprint22:EA:47:8C:45:F0:DA:44:69:17:F4:16:3A:F6:DF:B0:9E:06:EA:40

ValiditySat, 05 Apr 2025 00:00:00 GMT - Sun, 03 May 2026 23:59:59 GMT

HTTP Headers

GET /77fa1a6ecb04/04b9781908b7/df99f9afaaa1/inputs?client=browser HTTP/1.1
Host: 77fa1a6ecb04.01691059.us-east-1.token.awswaf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.rojadirecta.me/
Origin: http://www.rojadirecta.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/json
content-length: 477
alt-svc: h3=":443"; ma=86400
date: Sat, 19 Jul 2025 22:26:58 GMT
x-amzn-waf-challenge-id: Root=1-687c1bb2-093d943260206ae1142ab2bc
access-control-max-age: 86400
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,GET,POST
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ss60JKG-odAO49pYz_S-tnaQd4q4-TWBlA_FkwX0VfmrCE0XQfiV6A==

GET www.rojadirecta.me/favicon.ico

52.223.39.56

202 Accepted

0 B

URL

www.rojadirecta.me/favicon.ico

IP / ASN

52.223.39.56

#16509 AMAZON-02

Requested byhttp://www.rojadirecta.me/

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5605958

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.rojadirecta.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.rojadirecta.me/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 202 Accepted
Server: awselb/2.0
Date: Sat, 19 Jul 2025 22:26:58 GMT
Content-Length: 0
Connection: keep-alive
x-amzn-waf-action: challenge
Cache-Control: no-store, max-age=0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: OPTIONS,GET,POST
Access-Control-Allow-Headers: x-amzn-waf-action

POST 77fa1a6ecb04.01691059.us-east-1.token.awswaf.com/77fa1a6ecb04/04b9781908b7/df99f9afaaa1/report

54.240.174.33

200 OK

2 B

URL

77fa1a6ecb04.01691059.us-east-1.token.awswaf.com/77fa1a6ecb04/04b9781908b7/df99f9afaaa1/report

IP / ASN

54.240.174.33

#16509 AMAZON-02

Requested byhttp://www.rojadirecta.me/

Resource Info

File typeASCII text, with no line terminators

First Seen2023-03-09

Last Seen2025-08-02

Times Seen6916

Size2 B (2 bytes)

MD59d4568c009d203ab10e33ea9953a0264

SHA1dd29ecf524b030a65261e3059c48ab9e1ecb2585

SHA25612ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Certificate Info

IssuerAmazon

Subject*.01691059.us-east-1.token.awswaf.com

Fingerprint22:EA:47:8C:45:F0:DA:44:69:17:F4:16:3A:F6:DF:B0:9E:06:EA:40

ValiditySat, 05 Apr 2025 00:00:00 GMT - Sun, 03 May 2026 23:59:59 GMT

HTTP Headers

POST /77fa1a6ecb04/04b9781908b7/df99f9afaaa1/report HTTP/1.1
Host: 77fa1a6ecb04.01691059.us-east-1.token.awswaf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.rojadirecta.me/
Content-Type: text/plain;charset=UTF-8
Content-Length: 4926
Origin: http://www.rojadirecta.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/json
content-length: 2
alt-svc: h3=":443"; ma=86400
date: Sat, 19 Jul 2025 22:26:58 GMT
x-amzn-waf-challenge-id: Root=1-687c1bb2-41bcc2797e0e3c4e2e52027d
access-control-max-age: 86400
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,GET,POST
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HeqXiPGuUwFF2xq-YQNUDJkab45AOi4GxuKsGJqUAjVyekTmMLHvwA==

GET www.rojadirecta.me/

0.0.0.0

0 B

URL

www.rojadirecta.me/

IP / ASN

0.0.0.0

Requested byN/A

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5605958

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.rojadirecta.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache