Report - vqr.vc/IqjUsmxWC

Report Overview

Visited public
2024-12-19 03:44:32
Tags
Submit Tags
URL
vqr.vc/IqjUsmxWC
Finishing URL
googleweblight.com/i?u=google.com
IP / ASN
3.164.230.64
#16509 AMAZON-02
Title
Error 404 (Not Found)!!1

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
vqr.vc	unknown	2022-06-02	2022-06-08	2024-11-28	470 B	496 B	54.240.174.58
go.redirectingat.com	49804	2008-12-15	2012-07-12	2024-12-16	1.4 kB	2.8 kB	35.190.25.30
wps-api-qatevvay.com	unknown	unknown	No data	No data	965 B	806 B	50.6.198.248
googleweblight.com	76814	2015-03-27	2015-05-26	2024-12-16	713 B	3.4 kB	142.250.74.97
www.google.com	7	1997-09-15	2015-05-10	2024-12-18	672 B	11 kB	216.58.207.228

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-19	medium	vqr.vc	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (10)

URL IP Response Size

GET vqr.vc/IqjUsmxWC

54.240.174.58

302 Found

0 B

URL User Request GET HTTP/2
vqr.vc/IqjUsmxWC
IP
54.240.174.58:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjectconnected-products-redirector.digital.vistaprint.io
FingerprintA9:EB:71:71:B4:A7:B4:24:04:C7:89:62:93:D2:49:30:53:4D:30:04
ValidityMon, 10 Jun 2024 00:00:00 GMT - Wed, 09 Jul 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /IqjUsmxWC HTTP/1.1
Host: vqr.vc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-length: 0
location: http://go.redirectingat.com/?id=81657X1533118&xs=1&url=https://wps-api-qatevvay.com/9?ai=xd
server: CloudFront
date: Thu, 19 Dec 2024 03:44:09 GMT
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 82ItARu4DyOcQ0KmGHuwNIMiBB1HmZou2yYt9Gg9dVJfkuFQIdMNMg==
X-Firefox-Spdy: h2

GET go.redirectingat.com/?id=81657X1533118&xs=1&url=https://wps-api-qatevvay.com/9?ai=xd

35.190.25.30

302 Found

151 B

URL User Request GET HTTP/2
go.redirectingat.com/?id=81657X1533118&xs=1&url=https://wps-api-qatevvay.com/9?ai=xd
IP
35.190.25.30:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subjectredirectingat.com
FingerprintD2:56:B7:13:1E:7C:EF:5B:21:01:80:60:0A:8A:BF:A0:8A:1F:9C:A7
ValidityThu, 14 Nov 2024 16:48:12 GMT - Wed, 12 Feb 2025 17:44:07 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
151 B (151 bytes)
Hash
bce44c35b8bb3f6c180e3acb2f1f1121
c3c9681b046b8da8a2e698317b930e7f969ed28f
a34146c58c1c08839931e4d93cc0176a9f53bac0a9220814cb4e8676375b51ac

HTTP Headers

GET /?id=81657X1533118&xs=1&url=https://wps-api-qatevvay.com/9?ai=xd HTTP/1.1
Host: go.redirectingat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: openresty/1.21.4.1
Date: Thu, 19 Dec 2024 03:44:09 GMT
Content-Type: text/html
Content-Length: 151
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://go.redirectingat.com/?id=81657X1533118&xs=1&url=https://wps-api-qatevvay.com/9?ai=xd
Via: 1.1 google

GET go.redirectingat.com/?id=81657X1533118&xs=1&url=https://wps-api-qatevvay.com/9?ai=xd

35.190.25.30

302 Found

0 B

URL User Request GET HTTP/2
go.redirectingat.com/?id=81657X1533118&xs=1&url=https://wps-api-qatevvay.com/9?ai=xd
IP
35.190.25.30:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subjectredirectingat.com
FingerprintD2:56:B7:13:1E:7C:EF:5B:21:01:80:60:0A:8A:BF:A0:8A:1F:9C:A7
ValidityThu, 14 Nov 2024 16:48:12 GMT - Wed, 12 Feb 2025 17:44:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?id=81657X1533118&xs=1&url=https://wps-api-qatevvay.com/9?ai=xd HTTP/1.1
Host: go.redirectingat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: openresty/1.21.4.1
date: Thu, 19 Dec 2024 03:44:09 GMT
content-type: text/plain
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-skimhost: cookie-dealer-waypoint-7dbdc6799f-hvcnc
location: https://wps-api-qatevvay.com/9?ai=xd
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET wps-api-qatevvay.com/9?ai=xd

50.6.198.248

301 Moved Permanently

245 B

URL User Request GET HTTP/1.1
wps-api-qatevvay.com/9?ai=xd
IP
50.6.198.248:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Certificate
IssuerLet's Encrypt
Subjectwps-api-qatevvay.com
FingerprintB1:A5:16:5D:5C:4E:50:0B:07:AB:D7:22:5B:57:8B:71:2B:26:00:D9
ValidityTue, 19 Nov 2024 23:48:36 GMT - Mon, 17 Feb 2025 23:48:35 GMT

File type
HTML document, ASCII text
Size
245 B (245 bytes)
Hash
525d47acac9d00ae68eddfb603b50ec1
cd73cc5e4dc5bd8946dc2a55d2f858c14db3a2f6
7f89a1dd90d4b80d3d75ec10eee584e446bb0f0d8b28b090b2d34d83e86dedb1

HTTP Headers

GET /9?ai=xd HTTP/1.1
Host: wps-api-qatevvay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Thu, 19 Dec 2024 03:44:09 GMT
Server: Apache
Location: https://wps-api-qatevvay.com/9/?ai=xd
Content-Length: 245
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET wps-api-qatevvay.com/9/?ai=xd

50.6.198.248

302 Found

0 B

URL User Request GET HTTP/1.1
wps-api-qatevvay.com/9/?ai=xd
IP
50.6.198.248:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Certificate
IssuerLet's Encrypt
Subjectwps-api-qatevvay.com
FingerprintB1:A5:16:5D:5C:4E:50:0B:07:AB:D7:22:5B:57:8B:71:2B:26:00:D9
ValidityTue, 19 Nov 2024 23:48:36 GMT - Mon, 17 Feb 2025 23:48:35 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /9/?ai=xd HTTP/1.1
Host: wps-api-qatevvay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Thu, 19 Dec 2024 03:44:10 GMT
Server: Apache
location: http://googleweblight.com/i?u=google.com
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET googleweblight.com/i?u=google.com

142.250.74.97

404 Not Found

1.6 kB

URL User Request GET HTTP/1.1
googleweblight.com/i?u=google.com
IP
142.250.74.97:80
ASN
#15169 GOOGLE

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1562 bytes)
Hash
644244cf92252e788c7563d9ed5fc8a4
893b4ee598eb3f183fc55658fe298ea459379c79
f4f2d1e1b03b20f5be21ffef9769243aa0ca27a0180ef37b1bc0735d046fd032

HTTP Headers

GET /i?u=google.com HTTP/1.1
Host: googleweblight.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1562
Date: Thu, 19 Dec 2024 03:44:10 GMT

GET www.google.com/images/errors/robot.png

216.58.207.228

200 OK

6.3 kB

URL GET HTTP/1.1
www.google.com/images/errors/robot.png
IP
216.58.207.228:80
ASN
#15169 GOOGLE

Requested by
http://googleweblight.com/i?u=google.com

File type
PNG image data, 171 x 213, 8-bit colormap, non-interlaced
Size
6.3 kB (6327 bytes)
Hash
4c9acf280b47cef7def3fc91a34c7ffe
c32bb847daf52117ab93b723d7c57d8b1e75d36b
5f9fc5b3fbddf0e72c5c56cdcfc81c6e10c617d70b1b93fbe1e4679a8797bff7

HTTP Headers

GET /images/errors/robot.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Length: 6327
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 13 Dec 2024 19:06:42 GMT
Expires: Sat, 13 Dec 2025 19:06:42 GMT
Cache-Control: public, max-age=31536000
Age: 463048
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Content-Type: image/png

GET www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

216.58.207.228

200 OK

3.2 kB

URL GET HTTP/1.1
www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png
IP
216.58.207.228:80
ASN
#15169 GOOGLE

Requested by
http://googleweblight.com/i?u=google.com

File type
PNG image data, 150 x 54, 8-bit/color RGBA, non-interlaced
Size
3.2 kB (3170 bytes)
Hash
9d73b3aa30bce9d8f166de5178ae4338
d0cbc46850d8ed54625a3b2b01a2c31f37977e75
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

HTTP Headers

GET /images/branding/googlelogo/1x/googlelogo_color_150x54dp.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/png
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Length: 3170
Date: Thu, 19 Dec 2024 03:44:10 GMT
Expires: Thu, 19 Dec 2024 03:44:10 GMT
Cache-Control: private, max-age=31536000
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0

GET googleweblight.com/favicon.ico

142.250.74.97

404 Not Found

1.6 kB

URL GET HTTP/1.1
googleweblight.com/favicon.ico
IP
142.250.74.97:80
ASN
#15169 GOOGLE

Requested by
http://googleweblight.com/i?u=google.com

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1572 bytes)
Hash
13fec0c2fbf5c47c4608ce0c9405e5a7
dafb6ca27cfd22e88a2d53150c4350fca3d32a21
7f25fd0260c4ef8c26a87a5a126634e846ba539c75e5d508103f4d98831654a5

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: googleweblight.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1572
Date: Thu, 19 Dec 2024 03:44:10 GMT

GET go.redirectingat.com/?id=81657X1533118&xs=1&url=https://wps-api-qatevvay.com/9?ai=xd

35.190.25.30

302 Found

1.6 kB

URL User Request GET HTTP/1.1
go.redirectingat.com/?id=81657X1533118&xs=1&url=https://wps-api-qatevvay.com/9?ai=xd
IP
35.190.25.30:80
ASN
#15169 GOOGLE

File type

Size
1.6 kB (1562 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?id=81657X1533118&xs=1&url=https://wps-api-qatevvay.com/9?ai=xd HTTP/1.1
Host: go.redirectingat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: openresty/1.21.4.1
Date: Thu, 19 Dec 2024 03:44:09 GMT
Content-Type: text/html
Content-Length: 151
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://go.redirectingat.com/?id=81657X1533118&xs=1&url=https://wps-api-qatevvay.com/9?ai=xd
Via: 1.1 google

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (10)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN