| r11.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash: MD5 306aab38a2968d69d5d5dbc017f4277a | SHA-1 b32d9d7854e04d53418b56571cafb87065e3556f | SHA-256 2e6610a974cefd8ed9bab356e7e166e41b4e4955f4da39f5d400cdeeb286f88c
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "2E6610A974CEFD8ED9BAB356E7E166E41B4E4955F4DA39F5D400CDEEB286F88C"
Last-Modified: Mon, 26 Aug 2024 02:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14938
Expires: Wed, 28 Aug 2024 14:11:59 GMT
Date: Wed, 28 Aug 2024 10:03:01 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash: MD5 54633b725990f88440d7aea516670e2b | SHA-1 e0067c0d67ee241ff0fd23bbfbfcdf77d044a5ee | SHA-256 4c70207b2ed6067ddedd19d893cd479c107ee6a6d3324d324ae599abff578a06
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4C70207B2ED6067DDEDD19D893CD479C107EE6A6D3324D324AE599ABFF578A06"
Last-Modified: Mon, 26 Aug 2024 06:22:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2494
Expires: Wed, 28 Aug 2024 10:44:36 GMT
Date: Wed, 28 Aug 2024 10:03:02 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash: MD5 f7c4be8bd45166d9a6c01c9002cb0b35 | SHA-1 e057803eec2aa279d12d5a361903b66e7eccbb86 | SHA-256 0e7a047f2a11f5db27830e9b2b2f9ac4578f8bc34e2a5ac00e194f0ac5e3e4fb
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0E7A047F2A11F5DB27830E9B2B2F9AC4578F8BC34E2A5AC00E194F0AC5E3E4FB"
Last-Modified: Mon, 26 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13223
Expires: Wed, 28 Aug 2024 13:43:25 GMT
Date: Wed, 28 Aug 2024 10:03:02 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash: MD5 b0c68ac7e44a67b94268231c5f22ae25 | SHA-1 a0c078abb7617e9b0ac402a24969ea22e024cf18 | SHA-256 671ca341e73bd97fda1d098560ab338b45fbff67a5d85b47685273850d55e587
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "671CA341E73BD97FDA1D098560AB338B45FBFF67A5D85B47685273850D55E587"
Last-Modified: Mon, 26 Aug 2024 02:33:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14662
Expires: Wed, 28 Aug 2024 14:07:24 GMT
Date: Wed, 28 Aug 2024 10:03:02 GMT
Connection: keep-alive
|
|
| urlz.fr/cdn-cgi/images/icon-exclamation.png?1376755637 | 104.21.234.214 | 200 OK | 452 B |
URL: GET HTTP/2 urlz.fr/cdn-cgi/images/icon-exclamation.png?1376755637 | IP: 104.21.234.214:443
Certificate: Issuer Google Trust Services | Subject urlz.fr | Fingerprint D6:C7:48:F0:57:56:60:0F:FC:D5:B7:A6:12:0C:20:E3:98:72:4C:EB | Validity Mon, 26 Aug 2024 09:49:26 GMT - Sun, 24 Nov 2024 09:49:25 GMT
File type: PNG image data, 54 x 54, 8-bit colormap, non-interlaced | Hash: MD5 c33de66281e933259772399d10a6afe8 | SHA-1 b9f9d500f8814381451011d4dcf59cd2d90ad94f | SHA-256 f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Analyzer: urlquery | Verdict: suspicious | Alert: Suspicious - Sinkholed / Blocked
GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1
Host: urlz.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urlz.fr/cdn-cgi/styles/cf.errors.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Aug 2024 10:03:03 GMT
content-type: image/png
content-length: 452
last-modified: Fri, 23 Aug 2024 16:44:30 GMT
etag: "66c8bc6e-1c4"
server: cloudflare
cf-ray: 8ba37820583e6403-LHR
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Wed, 28 Aug 2024 12:03:03 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| r11.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash: MD5 d4dd734ee3b332b0befeb0ba13e21f5f | SHA-1 8651bbd15f2e760d1145b1b6cb83d73cee9a0170 | SHA-256 e8fb27375025282b1d0a0fccb0798d24ab6fc72473ff03f195f311d61bda6d47
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E8FB27375025282B1D0A0FCCB0798D24AB6FC72473FF03F195F311D61BDA6D47"
Last-Modified: Mon, 26 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12553
Expires: Wed, 28 Aug 2024 13:32:17 GMT
Date: Wed, 28 Aug 2024 10:03:04 GMT
Connection: keep-alive
|
|
| urlz.fr/cdn-cgi/styles/cf.errors.css | 104.21.234.214 | 200 OK | 5.0 kB |
URL: GET HTTP/2 urlz.fr/cdn-cgi/styles/cf.errors.css | IP: 104.21.234.214:443
Certificate: Issuer Google Trust Services | Subject urlz.fr | Fingerprint D6:C7:48:F0:57:56:60:0F:FC:D5:B7:A6:12:0C:20:E3:98:72:4C:EB | Validity Mon, 26 Aug 2024 09:49:26 GMT - Sun, 24 Nov 2024 09:49:25 GMT
File type: gzip compressed data, from Unix | Hash: MD5 22ed98dbb7a1168d0f9b2cd4c7d52318 | SHA-1 04edfb49e1530abdd0a999e00422abf6c6e364f0 | SHA-256 3578cf16432aeb6787e91325a5de2690586b6e407327e46b36845a2704d7afe1
GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: urlz.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urlz.fr/rQXH
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Aug 2024 10:03:03 GMT
content-type: text/css
last-modified: Fri, 23 Aug 2024 16:44:30 GMT
etag: W/"66c8bc6e-5df3"
server: cloudflare
cf-ray: 8ba378200fc26403-LHR
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Wed, 28 Aug 2024 12:03:03 GMT
cache-control: max-age=7200, public
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| r11.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash: MD5 d4dd734ee3b332b0befeb0ba13e21f5f | SHA-1 8651bbd15f2e760d1145b1b6cb83d73cee9a0170 | SHA-256 e8fb27375025282b1d0a0fccb0798d24ab6fc72473ff03f195f311d61bda6d47
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E8FB27375025282B1D0A0FCCB0798D24AB6FC72473FF03F195F311D61BDA6D47"
Last-Modified: Mon, 26 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12553
Expires: Wed, 28 Aug 2024 13:32:17 GMT
Date: Wed, 28 Aug 2024 10:03:04 GMT
Connection: keep-alive
|
|
| | 104.21.234.214 | 200 OK | 2.3 kB |
URL: User Request GET HTTP/2 | IP: 104.21.234.214:443
Certificate: Issuer Google Trust Services | Subject urlz.fr | Fingerprint D6:C7:48:F0:57:56:60:0F:FC:D5:B7:A6:12:0C:20:E3:98:72:4C:EB | Validity Mon, 26 Aug 2024 09:49:26 GMT - Sun, 24 Nov 2024 09:49:25 GMT
File type: gzip compressed data, from Unix | Hash: MD5 5db7c8aafe70862ecf865cd6d6ae7782 | SHA-1 730f863410d29b28d2d47f704c943bc9ee3a08c5 | SHA-256 fa27da8fe01d43e3e09099ab7bde74fb4aa9d6e24f06399f24bff544128fd1f0
Analyzer | Verdict | Alert
OpenPhish | phishing | Credit Agricole S.A.
PhishTank | phishing | Other
GET /rQXH HTTP/1.1
Host: urlz.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 28 Aug 2024 10:03:02 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HisDjmwAI8s5WatqjAOeZpv7hc2eLWDScDbmNTcof67VdnuZxT8fX7EY3h%2B1iaU3CJ9%2BRYftWJ5xq7T%2FzUfUOv81zPHoSP7pev%2FH2AvM4ReYxO2LIrT%2BLY2n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ba3781e0d9b6403-LHR
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| r11.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash: MD5 d4dd734ee3b332b0befeb0ba13e21f5f | SHA-1 8651bbd15f2e760d1145b1b6cb83d73cee9a0170 | SHA-256 e8fb27375025282b1d0a0fccb0798d24ab6fc72473ff03f195f311d61bda6d47
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E8FB27375025282B1D0A0FCCB0798D24AB6FC72473FF03F195F311D61BDA6D47"
Last-Modified: Mon, 26 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12553
Expires: Wed, 28 Aug 2024 13:32:17 GMT
Date: Wed, 28 Aug 2024 10:03:04 GMT
Connection: keep-alive
|
|
| urlz.fr/favicon.ico | 104.21.234.214 | 404 Not Found | 12 kB |
IP 104.21.234.214:443
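Certificate: Issuer Google Trust Services | Subject urlz.fr | Fingerprint D6:C7:48:F0:57:56:60:0F:FC:D5:B7:A6:12:0C:20:E3:98:72:4C:EB | Validity Mon, 26 Aug 2024 09:49:26 GMT - Sun, 24 Nov 2024 09:49:25 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three values are the digests of zero-length input, so no response body was hashed for this entry; they do not identify the 404 page and should not be used as indicators)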
GET /favicon.ico HTTP/1.1
Host: urlz.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urlz.fr/rQXH
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Wed, 28 Aug 2024 10:03:03 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
cf-cache-status: HIT
age: 11
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G6IqdPklJGx%2B8dd17APAKJJL8nl%2Bv2hMWZhjIpC%2FOpZUVLiC19QzXSUeE9Ur0YJqxgwOCvKFHBX1neZR1g9UH%2BdPniisMGWWZgg5VdR8HG5G%2F%2BmDAAr4IWFM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ba37820a8a16403-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|