urlscan.io logo urlscan.io
SecurityTrails logo

kv2.short.gy Open in urlscan Pro
18.184.197.212  Public Scan

Go To Rescan Add Verdict Report
URL: https://kv2.short.gy/threestonescapital.com/investment-agreement2021
Submission: On April 30 via manual from LU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 6 HTTP transactions. The main IP is 18.184.197.212, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is kv2.short.gy.
TLS certificate: Issued by R3 on April 23rd 2021. Valid for: 3 months.
This is the only time kv2.short.gy was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18.184.197.212 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 99.84.155.217 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
6 4
Domain Requested by
2 fonts.gstatic.com fonts.googleapis.com
2 d2te5kruq0pvbl.cloudfront.net kv2.short.gy
1 fonts.googleapis.com kv2.short.gy
1 kv2.short.gy
6 4

This site contains links to these domains. Also see Links.

Domain
phishingquiz.withgoogle.com
Subject Issuer Validity Valid
*.short.gy
R3		 2021-04-23 -
2021-07-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://kv2.short.gy/threestonescapital.com/investment-agreement2021
Frame ID: 3F2089768864CCAFCCBB28CD07B8C1BB
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

6
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

108 kB
Transfer

108 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request investment-agreement2021
kv2.short.gy/threestonescapital.com/ 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kv2.short.gy/threestonescapital.com/investment-agreement2021
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.184.197.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-197-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
24928a388658f18c4a976846601da94decf609dd0972d0a9f5b7363fb8ec739e

Request headers

Host
kv2.short.gy
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/html; charset=utf-8
Content-Length
5107
Date
Fri, 30 Apr 2021 08:19:56 GMT
Connection
keep-alive
Keep-Alive
timeout=5
css2
fonts.googleapis.com/ 		2 KB
585 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Hind:wght@400;500&display=swap
Requested by
Host: kv2.short.gy
URL: https://kv2.short.gy/threestonescapital.com/investment-agreement2021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d2e337eb0fc8a3d26241de932fab0fab513fe6a0c715d64cfae379051718df90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://kv2.short.gy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Apr 2021 08:19:56 GMT
server
ESF
date
Fri, 30 Apr 2021 08:19:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Apr 2021 08:19:56 GMT
exclamation-mark.svg
d2te5kruq0pvbl.cloudfront.net/redirector/ 		602 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2te5kruq0pvbl.cloudfront.net/redirector/exclamation-mark.svg
Requested by
Host: kv2.short.gy
URL: https://kv2.short.gy/threestonescapital.com/investment-agreement2021
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.155.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-155-217.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d850a3daa8d0ca6201762061b79fc38eb69ce51ab8907e60430d7851446d958b

Request headers

Referer
https://kv2.short.gy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Apr 2021 02:54:37 GMT
Via
1.1 5e73c9f0818a1864e592f61fe6506072.cloudfront.net (CloudFront)
Last-Modified
Wed, 24 Mar 2021 12:59:53 GMT
Server
AmazonS3
Age
19520
ETag
"e6f9538f279748c9ae17973c54ae426d"
X-Cache
Hit from cloudfront
Content-Type
image/svg+xml
Connection
keep-alive
X-Amz-Cf-Pop
TXL52-C1
Accept-Ranges
bytes
Content-Length
602
X-Amz-Cf-Id
0QG7qiqLiri118VpaoebiSB1vnOv9JATZ-NEAv5fepAkNsGaeQpUTw==
link-to-a-fraud-website.png
d2te5kruq0pvbl.cloudfront.net/redirector/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2te5kruq0pvbl.cloudfront.net/redirector/link-to-a-fraud-website.png
Requested by
Host: kv2.short.gy
URL: https://kv2.short.gy/threestonescapital.com/investment-agreement2021
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.155.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-155-217.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5029e05024a0acd57ea0256c771329dbb11acc09f7efd7bbd29e03ee542c5796

Request headers

Referer
https://kv2.short.gy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Apr 2021 05:00:04 GMT
Via
1.1 b88825ad151091557d336c3519215162.cloudfront.net (CloudFront)
Last-Modified
Wed, 24 Mar 2021 12:50:24 GMT
Server
AmazonS3
Age
11993
ETag
"f85911132a40e397e4cb01dc917772bf"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
TXL52-C1
Accept-Ranges
bytes
Content-Length
69925
X-Amz-Cf-Id
ExrdC8UhKdpeDwRrXZX0thnNjUVvu8VFBbrfnND2vXXhdYj9vcEawQ==
5aU19_a8oxmIfJpbERySjQ.woff2
fonts.gstatic.com/s/hind/v11/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/hind/v11/5aU19_a8oxmIfJpbERySjQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Hind:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
806f5b4761fdb196821c0eac48fae6e26559c371226f9d73aba6eaa33aacb577
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://kv2.short.gy
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 07:07:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:04:23 GMT
server
sffe
age
263542
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16796
x-xss-protection
0
expires
Wed, 27 Apr 2022 07:07:34 GMT
5aU69_a8oxmIdGl4BA.woff2
fonts.gstatic.com/s/hind/v11/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/hind/v11/5aU69_a8oxmIdGl4BA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Hind:wght@400;500&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7a3280717b1f82f46bee459863720a03de43b16dc8097ba1b133440e5fe0edc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://kv2.short.gy
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 02:03:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:04:03 GMT
server
sffe
age
109010
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16264
x-xss-protection
0
expires
Fri, 29 Apr 2022 02:03:06 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated

0 Cookies