Report - zerowaterstreet.com/hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php

Report Overview

Visitedpublic

2025-03-25 22:41:52

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
www.popsburgers.com	unknown	2020-01-08	2025-03-25	2025-03-25	3.1 kB	46 kB	188.114.96.1
zerowaterstreet.com	unknown	1998-12-29	2025-03-25	2025-03-25	535 B	5.4 kB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	From	Size	First Seen	Last Seen
	www.popsburgers.com/hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php	ScriptElement	210 B	2023-03-07	2025-08-02
URL www.popsburgers.com/hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 161851 Size 210 B (210 bytes) MD5 ab1ac4cf0f484cc9f859c0a7983353e0 SHA1 2da142b1135bd10cdbed4a7353e4483acc30ebe9 SHA256 50e878a18b2b5be7071dc7c10297381bcfcb55f17c27760ee857af9e31133324 Format Code Loading...

	www.popsburgers.com/hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php	ScriptElement	375 B	2023-03-07	2025-08-02
URL www.popsburgers.com/hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 167756 Size 375 B (375 bytes) MD5 56df91490fa1984fa82b297dcb23c22d SHA1 2050f127b73f50d21eb9b0a2a3f2aea7d4372ba9 SHA256 275407540ae2d5516300e4027ce994e1c97f958d464e137d0fff116d7acf0f24 Format Code Loading...

	www.popsburgers.com/hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php	ScriptElement	38 B	2023-03-07	2025-08-02
URL www.popsburgers.com/hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 124779 Size 38 B (38 bytes) MD5 eb2ee6e4b3d4e81bacdb2474d9b3c2f5 SHA1 6588855b25c975b224e0fd1b50ca1b3f36cd46ed SHA256 3dd83a652b2e60d8dfc699cd2006f70007b826a92b49e61e9194bf422481ac05 Format Code Loading...

HTTP Transactions (7)

URL IP Response Size

GET zerowaterstreet.com/hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php

188.114.97.1

301 Moved Permanently

4.5 kB

URL

zerowaterstreet.com/hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php

IP / ASN

188.114.97.1

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606812

Size4.5 kB (4517 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectzerowaterstreet.com

Fingerprint04:87:06:FC:40:39:7E:31:E0:01:A5:0C:B6:D2:63:63:6E:F8:09:21

ValidityThu, 06 Mar 2025 04:19:21 GMT - Wed, 04 Jun 2025 05:16:56 GMT

HTTP Headers

GET /hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php HTTP/1.1
Host: zerowaterstreet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Tue, 25 Mar 2025 22:41:30 GMT
content-type: text/html
location: https://www.popsburgers.com/hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ofnh6sN8NMeZ5MqIXmRx4s4rb9on8t2ePQ1Paa5e15luXtyV94zopZtiDLflE3ZQmzW38deiKRIVqGz9ha6%2FrwOIUyfMOI5qcE9VAgTPuliYWKDVArtQXenNHdQwSmyqbrKBiXPH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9261ea82bcbeb500-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6440&min_rtt=493&rtt_var=11653&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3297&recv_bytes=1293&delivery_rate=6118309&cwnd=254&unsent_bytes=0&cid=c8dd6628dc02ee57&ts=294&x=0"
X-Firefox-Spdy: h2

GET www.popsburgers.com/hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php

188.114.96.1

403 Forbidden

4.5 kB

URL

www.popsburgers.com/hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (4752), with no line terminators

First Seen2025-03-25

Last Seen2025-03-25

Times Seen1

Size4.5 kB (4517 bytes)

MD5a9b7accaf10e67f161bc94abbffad9cd

SHA1477a7f5d21ecfdbcbbbf1c42bc9f71987ed1a213

SHA256cb4e095eb8a8cf21cb93486f90db8258bdc8acc2eac387d006d227c53cc3e32d

Certificate Info

IssuerGoogle Trust Services

Subjectpopsburgers.com

FingerprintEF:56:CC:AE:A7:40:22:6C:A2:15:43:63:9C:EC:56:CF:97:F7:A5:AA

ValidityTue, 25 Mar 2025 20:05:50 GMT - Mon, 23 Jun 2025 21:05:45 GMT

HTTP Headers

GET /hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php HTTP/1.1
Host: www.popsburgers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Tue, 25 Mar 2025 22:41:30 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Tue, 25 Mar 2025 22:41:45 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=umnsJQxaYDzgAlfwHvPSGcRojeYfig%2BrN%2FQvf9Z1wmqxX5FIjNfgJ30cB6mH6FzkSrxBqrjvNk9Aq%2Fr3PK%2B1YW4IAnULtSrGbx7PsAm%2FuZSK9b4kTc9S5FsOdOa7VwwzMVadLRYm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 9261ea84b8b1b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=512&min_rtt=458&rtt_var=167&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3209&recv_bytes=1162&delivery_rate=8402321&cwnd=253&unsent_bytes=0&cid=11c6f5ecac9905c4&ts=27&x=0"
X-Firefox-Spdy: h2

GET www.popsburgers.com/hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php

188.114.96.1

403 Forbidden

4.5 kB

URL

www.popsburgers.com/hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (4752), with no line terminators

First Seen2025-03-25

Last Seen2025-03-25

Times Seen1

Size4.5 kB (4517 bytes)

MD5a935c3a898fb7d31558b0fbd9ab14159

SHA11add24b703acc4237eb5d6f692c62aea8ed24130

SHA25640832931f69e263b33da632d3e102328506316e7801102b63c1f97ee81cc7554

Certificate Info

IssuerGoogle Trust Services

Subjectpopsburgers.com

FingerprintEF:56:CC:AE:A7:40:22:6C:A2:15:43:63:9C:EC:56:CF:97:F7:A5:AA

ValidityTue, 25 Mar 2025 20:05:50 GMT - Mon, 23 Jun 2025 21:05:45 GMT

HTTP Headers

GET /hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php HTTP/1.1
Host: www.popsburgers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
date: Tue, 25 Mar 2025 22:41:30 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Tue, 25 Mar 2025 22:41:45 GMT
priority: u=1,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2A0UKjCMuGfj1NuEUWDsfa%2FSQ%2BJ25gdT8VhwnDj4en9jH%2B1R%2BUZ8COrC3q%2BaJkaIMWqPyP7Tesqtgrm%2Bd6pGjEMAihkRebyTHiH1a1v%2FkFbqqu5p%2BTHdLLWi69sGdh%2BUcGX8za6P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 9261ea85bc4856c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4451&min_rtt=1951&rtt_var=2517&sent=14&recv=10&lost=0&retrans=0&sent_bytes=4183&recv_bytes=1371&delivery_rate=301796&cwnd=12000&unsent_bytes=0&cid=b18004b0561574e8&ts=155&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.popsburgers.com/cdn-cgi/styles/cf.errors.css

188.114.96.1

200 OK

24 kB

URL

www.popsburgers.com/cdn-cgi/styles/cf.errors.css

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://www.popsburgers.com/hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php

Resource Info

File typeASCII text, with very long lines (24050)

First Seen0001-01-01

Last Seen2025-08-02

Times Seen229575

Size24 kB (24051 bytes)

MD55e8c69a459a691b5d1b9be442332c87d

SHA1f24dd1ad7c9080575d92a9a9a2c42620725ef836

SHA25684e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Certificate Info

IssuerGoogle Trust Services

Subjectpopsburgers.com

FingerprintEF:56:CC:AE:A7:40:22:6C:A2:15:43:63:9C:EC:56:CF:97:F7:A5:AA

ValidityTue, 25 Mar 2025 20:05:50 GMT - Mon, 23 Jun 2025 21:05:45 GMT

HTTP Headers

GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: www.popsburgers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.popsburgers.com/hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 25 Mar 2025 22:41:30 GMT
content-type: text/css
last-modified: Fri, 14 Mar 2025 21:23:45 GMT
etag: W/"67d49e61-5df3"
server: cloudflare
cf-ray: 9261ea868d2856c7-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Wed, 26 Mar 2025 00:41:30 GMT
cache-control: max-age=7200, public
content-encoding: gzip

GET www.popsburgers.com/cdn-cgi/images/browser-bar.png?1376755637

188.114.96.1

200 OK

715 B

URL

www.popsburgers.com/cdn-cgi/images/browser-bar.png?1376755637

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://www.popsburgers.com/hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php

Resource Info

File typePNG image data, 960 x 53, 8-bit colormap, non-interlaced

First Seen0001-01-01

Last Seen2025-08-02

Times Seen70208

Size715 B (715 bytes)

MD5226dcb8f6144bdaafdfbd8f2f354be64

SHA13785cc5b3bf52f8e398177b0ff1020b24aa86b8c

SHA2568c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db

Certificate Info

IssuerGoogle Trust Services

Subjectpopsburgers.com

FingerprintEF:56:CC:AE:A7:40:22:6C:A2:15:43:63:9C:EC:56:CF:97:F7:A5:AA

ValidityTue, 25 Mar 2025 20:05:50 GMT - Mon, 23 Jun 2025 21:05:45 GMT

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Sinkholed / Blocked

HTTP Headers

GET /cdn-cgi/images/browser-bar.png?1376755637 HTTP/1.1
Host: www.popsburgers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.popsburgers.com/cdn-cgi/styles/cf.errors.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 25 Mar 2025 22:41:30 GMT
content-type: image/png
content-length: 715
last-modified: Fri, 14 Mar 2025 21:23:45 GMT
etag: "67d49e61-2cb"
server: cloudflare
cf-ray: 9261ea86ed8956c7-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Wed, 26 Mar 2025 00:41:30 GMT
cache-control: max-age=7200, public
accept-ranges: bytes

GET www.popsburgers.com/cdn-cgi/images/cf-no-screenshot-error.png

188.114.96.1

200 OK

3.2 kB

URL

www.popsburgers.com/cdn-cgi/images/cf-no-screenshot-error.png

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://www.popsburgers.com/hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php

Resource Info

File typePNG image data, 178 x 175, 8-bit colormap, non-interlaced

First Seen0001-01-01

Last Seen2025-08-02

Times Seen70215

Size3.2 kB (3213 bytes)

MD50d768cbc261841d3affc933b9ac3130e

SHA1aff136a4c761e1df1ada7e5d9a6ed0ebea74a4b7

SHA2561c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0

Certificate Info

IssuerGoogle Trust Services

Subjectpopsburgers.com

FingerprintEF:56:CC:AE:A7:40:22:6C:A2:15:43:63:9C:EC:56:CF:97:F7:A5:AA

ValidityTue, 25 Mar 2025 20:05:50 GMT - Mon, 23 Jun 2025 21:05:45 GMT

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Sinkholed / Blocked

HTTP Headers

GET /cdn-cgi/images/cf-no-screenshot-error.png HTTP/1.1
Host: www.popsburgers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.popsburgers.com/cdn-cgi/styles/cf.errors.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 25 Mar 2025 22:41:30 GMT
content-type: image/png
content-length: 3213
last-modified: Fri, 14 Mar 2025 21:23:45 GMT
etag: "67d49e61-c8d"
server: cloudflare
cf-ray: 9261ea86ed8d56c7-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Wed, 26 Mar 2025 00:41:30 GMT
cache-control: max-age=7200, public
accept-ranges: bytes

GET www.popsburgers.com/favicon.ico

188.114.96.1

403 Forbidden

4.5 kB

URL

www.popsburgers.com/favicon.ico

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://www.popsburgers.com/hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php

Resource Info

File typeHTML document, ASCII text, with very long lines (4752), with no line terminators

First Seen2025-03-25

Last Seen2025-03-25

Times Seen1

Size4.5 kB (4517 bytes)

MD5f50ee3a838c4ef96e33ecb5140729e92

SHA17adaea858322bdeacfceec78003d6aacfd00b500

SHA256fe02ee8c0ad998371cabc081557ce34561efaae35c21d701bd3b184bd90b375f

Certificate Info

IssuerGoogle Trust Services

Subjectpopsburgers.com

FingerprintEF:56:CC:AE:A7:40:22:6C:A2:15:43:63:9C:EC:56:CF:97:F7:A5:AA

ValidityTue, 25 Mar 2025 20:05:50 GMT - Mon, 23 Jun 2025 21:05:45 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.popsburgers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.popsburgers.com/hydro-qu%C3%A9bec/banks/cibc/accountconfirm.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
date: Tue, 25 Mar 2025 22:41:30 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Tue, 25 Mar 2025 22:41:45 GMT
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FwX%2FXKtEKZsKND8zs2RpQO%2F9gZk7CDZElqs9yosy%2BVCUcOT0IJaRQ7LK%2FuCnISpXbTyWSTbjNIuWYjYUn2x2sdpGeilWasCTblhJzr%2B1N7FYbXyodwrmrzPOgZd4b%2FfwtZT8Jk1v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 9261ea872db656c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3692&min_rtt=1594&rtt_var=2200&sent=28&recv=17&lost=0&retrans=0&sent_bytes=15890&recv_bytes=2802&delivery_rate=391794&cwnd=12000&unsent_bytes=0&cid=b18004b0561574e8&ts=376&x=1", cfExtPri, cfHdrFlush;dur=0