Report - link.infini.fr/qCxnyF8v/

Report Overview

Visited public
2024-12-07 10:26:52
Tags
URL
link.infini.fr/qCxnyF8v/
Finishing URL
did.li/dv6lC
IP / ASN
185.245.249.202
#200322 Xankom Sarl
Title
404 Not Found

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
did.li	unknown	unknown	2019-07-09	2024-12-07	1.2 kB	2.3 kB	54.240.174.29
link.infini.fr	unknown	1996-06-06	2016-11-15	2024-02-03	478 B	520 B	185.245.249.202

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-12-06	medium	link.infini.fr/qCxnyF8v/	Government of France

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-07	medium	did.li	Sinkholed
2024-12-07	medium	did.li	Sinkholed
2024-12-07	medium	did.li	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (4)

URL IP Response Size

link.infini.fr/qCxnyF8v/

185.245.249.202

301 Moved Permanently

0 B

URL User Request GET HTTP/2
link.infini.fr/qCxnyF8v/
IP
185.245.249.202:443
ASN
#200322 Xankom Sarl

Certificate
IssuerSectigo Limited
Subject*.infini.fr
Fingerprint66:00:D7:10:B1:66:69:EB:50:95:CD:DF:D5:C5:D1:F8:B1:24:6B:5B
ValidityMon, 26 Aug 2024 00:00:00 GMT - Thu, 25 Sep 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of France

HTTP Headers

GET /qCxnyF8v/ HTTP/1.1
Host: link.infini.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: nginx/1.14.2
date: Sat, 07 Dec 2024 10:26:27 GMT
content-length: 0
location: https://did.li/dv6lC
x-frame-options: DENY
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://www.infini.fr; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; form-action 'self'; base-uri 'self'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
front-end-https: on
cache-control: public, must-revalidate
X-Firefox-Spdy: h2

did.li/dv6lC

54.240.174.29

404 Not Found

533 B

URL User Request GET HTTP/1.1
did.li/dv6lC
IP
54.240.174.29:80
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text
Size
533 B (533 bytes)
Hash
9877a3364f7a17ffefc73a32c66665b4
b2780a4e5a189917706f5f4cff6188f5e0232f13
0b8d85c606590cf732a9e9d1358e9d6981477cc3157b515f3107124ed958a37d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dv6lC HTTP/1.1
Host: did.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
content-length: 533
date: Sat, 07 Dec 2024 10:26:27 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6rgx3E23rIJLQKIXA6XuNa9Pv1TaVmsZdGq7tVGVLRz6Y8CqIKxTLw==
X-Firefox-Spdy: h2

did.li/dv6lC

54.240.174.31

404 Not Found

533 B

URL User Request GET HTTP/1.1
did.li/dv6lC
IP
54.240.174.31:80
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text
Size
533 B (533 bytes)
Hash
9877a3364f7a17ffefc73a32c66665b4
b2780a4e5a189917706f5f4cff6188f5e0232f13
0b8d85c606590cf732a9e9d1358e9d6981477cc3157b515f3107124ed958a37d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dv6lC HTTP/1.1
Host: did.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Content-Length: 533
Connection: keep-alive
Date: Sat, 07 Dec 2024 10:26:27 GMT
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Tx35Y7NmloLNNVoyf5LSITGXV9JG1QfCUxmQzW3VW5wwXt5DtyIUiw==

did.li/favicon.ico

54.240.174.31

404 Not Found

106 B

URL GET HTTP/1.1
did.li/favicon.ico
IP
54.240.174.31:80
ASN
#16509 AMAZON-02

Requested by
http://did.li/dv6lC

File type
HTML document, ASCII text, with CRLF line terminators
Size
106 B (106 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: did.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://did.li/dv6lC
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Sat, 07 Dec 2024 10:26:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Error from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: I58zxCtDwY019o_qv8wzLgEKBXJGKFgwXxvGhmnVN3GTjtVvoZEI6A==

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (4)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers