dol.geolocalisation-flotte.top Open in urlscan Pro
172.67.165.98 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://kelor.candlesasd.shop/index.php/campaigns/hs2956jmhabdd/track-url/hr283k6pz03ab/6b8f05ba82d5f547caa6c7f125bf553589688b58
Effective URL:
https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab
Submission: On November 13 via api (November 13th 2024, 1:32:11 pm UTC) from DE — Scanned from NL

Summary HTTP 23 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 23 HTTP transactions. The main IP is 172.67.165.98, located in United States and belongs to CLOUDFLARENET, US. The main domain is dol.geolocalisation-flotte.top.
TLS certificate: Issued by WE1 on November 10th 2024. Valid for: 3 months.

This is the only time dol.geolocalisation-flotte.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.169.247 172.67.169.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	172.67.165.98 172.67.165.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:8ef5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2

1 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kelor.candlesasd.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.169.247 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

facebook-performance.lavateraasd.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.67.165.98 (United States)

ASN13335 (CLOUDFLARENET, US)

dol.geolocalisation-flotte.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	geolocalisation-flotte.top dol.geolocalisation-flotte.top	2 MB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1475	439 KB
1	lavateraasd.shop 1 redirects facebook-performance.lavateraasd.shop	686 B
1	candlesasd.shop 1 redirects kelor.candlesasd.shop	882 B
23	4

	Domain	Requested by
22	dol.geolocalisation-flotte.top	dol.geolocalisation-flotte.top
1	use.fontawesome.com	dol.geolocalisation-flotte.top
1	facebook-performance.lavateraasd.shop	1 redirects
1	kelor.candlesasd.shop	1 redirects
23	4

This site contains links to these domains. Also see Links.

Domain
google-checked-verified.golfapp.club

Subject Issuer	Validity	Valid
geolocalisation-flotte.top WE1	`2024-11-10` - `2025-02-08`	3 months	crt.sh
use.fontawesome.com WE1	`2024-11-07` - `2025-02-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab
Frame ID: F5789AF4E321855A862CD52ABB1D130F
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Douglas - Umfragebelohnungen

Page URL History Show full URLs

https://kelor.candlesasd.shop/index.php/campaigns/hs2956jmhabdd/track-url/hr283k6pz03ab/6b8f05ba82d5f547ca... HTTP 301
https://facebook-performance.lavateraasd.shop/Qx7doEdfvghtP3tCewJu1VslmYst?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6... HTTP 301
http://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab HTTP 307
https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

23
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

2800 kB
Transfer

3623 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://google-checked-verified.golfapp.club/MkisoLks2gBc3vXF1rTW6fqc3Dsf8arT4ysu9Iox4plK8mcbv0Gts3rEW7wsMk2soL4ke5gRrs/?source_id=Dg-Rit&s1=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab
Title: Continuer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://kelor.candlesasd.shop/index.php/campaigns/hs2956jmhabdd/track-url/hr283k6pz03ab/6b8f05ba82d5f547caa6c7f125bf553589688b58 HTTP 301
https://facebook-performance.lavateraasd.shop/Qx7doEdfvghtP3tCewJu1VslmYst?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab HTTP 301
http://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab HTTP 307
https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response dol.geolocalisation-flotte.top/ Redirect Chain https://kelor.candlesasd.shop/index.php/campaigns/hs2956jmhabdd/track-url/hr283k6pz03ab/6b8f05ba82d5f547caa6c7f125bf553589688b58 https://facebook-performance.lavateraasd.shop/Qx7doEdfvghtP3tCewJu1VslmYst?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab http://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab	27 KB 5 KB	579ms 126ms	Document text/html	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.3.13 Resource Hash `8e288fcbfb9b69f1d3743d6dfa649811f6d7da75669ae93c4943e3311d308cb6` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8e1f2039fde0b8a6-AMS content-encoding zstd content-type text/html; charset=UTF-8 date Wed, 13 Nov 2024 13:32:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ASqiDo2OMyRoy70qWu9dTaaVG1309u2nWyPIfTVNm6SD37HKonc6cc4V1ZD1G1oxPxQ1FaruC4xaYwSpJrSWe3mzkynqR2bbZXsmYg%2Fa8e7Cxrns4KchdMPQAu6j9umAG21MXsUxnVKW5P0eG2XY9h4%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=14889&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4145&recv_bytes=4536&delivery_rate=701&cwnd=12000&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=131&x=1" cfHdrFlush;dur=0 x-powered-by PHP/8.3.13 Redirect headers Location https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Non-Authoritative-Reason HttpsUpgrades
GET H3	200	style.css dol.geolocalisation-flotte.top/css/	15 KB 4 KB	127ms 126ms	Stylesheet text/css	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dol.geolocalisation-flotte.top/css/style.css Requested by Host: dol.geolocalisation-flotte.top URL: https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `70f62c085f1ab303662a8195cfb33e7df6951364e72ce05702d897bd2f76b650` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status HIT etag W/"3b1e-6266cb4912b00" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hmgZ1XjnpfKQtIAGFiNfID8ZC9p%2B7jmUt88m1YjYUMejdQY5RT7U%2Bonht2mkzaMs11NHTI7VW5aPdws9JBx3NGA78Q9rgAM%2BPFWshPLji2lFn%2F4ISltoaaiIf2gNhi3n9uUfiX6tnbu3hrm3xZFhSqA%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203b0ed1b8a6-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=16414&sent=19&recv=18&lost=0&retrans=0&sent_bytes=9907&recv_bytes=6230&delivery_rate=169073&cwnd=12000&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=298&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 13:32:06 GMT content-type text/css last-modified Fri, 08 Nov 2024 20:36:28 GMT vary Accept-Encoding server cloudflare
GET H3	200	animate.min.css dol.geolocalisation-flotte.top/css/	70 KB 7 KB	145ms 144ms	Stylesheet text/css	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dol.geolocalisation-flotte.top/css/animate.min.css Requested by Host: dol.geolocalisation-flotte.top URL: https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `721fd25fad2ceea766b483f7692fc840097de75bb54185273920adf62da63e15` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status HIT etag W/"11847-6266cb4912b00" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=auAdDs2Z%2F8k7WG06LiVtY2X0UnQe8D74aniQ8ai03VcG4s84cwnD0Nrk7phcWKZpPdmheyYVz7YzTsPKgKo%2BVZSNsTeQAD%2Bs2xek14C3J3k20QWUDvqXCfjl0oKnxKCGJ5ag2XftOjriOC%2BDtHLjPME%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203b0ed4b8a6-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=16414&sent=32&recv=18&lost=0&retrans=0&sent_bytes=21907&recv_bytes=6230&delivery_rate=169073&cwnd=12000&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=309&x=1", cfHdrFlush;dur=4 date Wed, 13 Nov 2024 13:32:06 GMT content-type text/css last-modified Fri, 08 Nov 2024 20:36:28 GMT vary Accept-Encoding server cloudflare
GET H2	200	all.js Show response use.fontawesome.com/releases/v5.15.4/js/	1 MB 439 KB	268ms 214ms	Script application/javascript	2606:4700:3037::ac43:8ef5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.15.4/js/all.js Requested by Host: dol.geolocalisation-flotte.top URL: https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://dol.geolocalisation-flotte.top Referer Response headers cache-control max-age=31556926 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS etag W/"5e29440867fdb02a48dffded02338c31" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DCb4UvgTmNXgA5AJnPPCNMJ5XPNwK4eVlTQiZehncef16aMUeBC16IiEAfe9JV6OmjrLTwd0PjWfB9ZKAdTmWCLGDOqBY85z%2BgvdJHy%2Fh4cVLM%2FYx30u1cJ2WzBeRe6Y5igeFZC0sbBdOFLGHeKIoSMo"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203c4a28773f-AMS access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=14384&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4011&recv_bytes=2261&delivery_rate=268734&cwnd=253&unsent_bytes=0&cid=e858c5eb1001c7fa&ts=218&x=0" date Wed, 13 Nov 2024 13:32:06 GMT content-type application/javascript last-modified Fri, 22 Sep 2023 01:45:24 GMT vary Origin, Accept-Encoding server cloudflare
GET H3	200	datehead.js Show response dol.geolocalisation-flotte.top/js/	2 KB 2 KB	132ms 131ms	Script application/javascript	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dol.geolocalisation-flotte.top/js/datehead.js Requested by Host: dol.geolocalisation-flotte.top URL: https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `56d2e81a3fe57f9fe2ceeafa4713d2d7de4063c95336023290ab6d9698dd6b8e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status HIT etag W/"95a-6266cb481e8c0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YPP2KQDw8l3cfI6e92oWMau%2BZ9ncSGwvVlZInu3ZafD1Iq09B%2FYv%2Bvip%2BCGZoonKM8SzKr3Dc9LIotB8zC6sL6enTz56ibK9AybdffeeTYmmzHrRNTREYMVTa3JzVU%2FvFmJIEHD6Dv6R4IoRqOQBuJ0%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203b0ed5b8a6-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=16414&sent=27&recv=18&lost=0&retrans=0&sent_bytes=17478&recv_bytes=6230&delivery_rate=169073&cwnd=12000&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=302&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 13:32:06 GMT content-type application/javascript last-modified Fri, 08 Nov 2024 20:36:27 GMT vary Accept-Encoding server cloudflare
GET H3	200	logo.png dol.geolocalisation-flotte.top/images/	43 KB 43 KB	135ms 135ms	Image image/png	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dol.geolocalisation-flotte.top/images/logo.png Requested by Host: dol.geolocalisation-flotte.top URL: https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9a61ede6ef8225af5fdb60fafd42a13b481304d2cbcb0bdcb4acb4735de7a93f` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT etag "aa61-6266cb4636440" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6APFhKhy%2FEuSX%2F9l9Z0kCUJaoBJNbZF3cTFgfLfsIB0Hm8wEGbXcLooK2Aoqwe%2FuMFkHex3pPXYQV%2F1j57adP0c4lHq7IbVuT5Nyovq24J7DmEgi%2B6tXzYh3aY44%2FWqPqmT64ASIQj6xQvkhBnTjti8%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203b0ed6b8a6-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=16414&sent=29&recv=18&lost=0&retrans=0&sent_bytes=19074&recv_bytes=6230&delivery_rate=169073&cwnd=12000&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=305&x=1", cfHdrFlush;dur=0 content-length 43617 date Wed, 13 Nov 2024 13:32:06 GMT content-type image/png last-modified Fri, 08 Nov 2024 20:36:25 GMT vary Accept-Encoding server cloudflare
GET H3	200	flaglogo.png dol.geolocalisation-flotte.top/images/	2 KB 3 KB	130ms 130ms	Image image/png	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dol.geolocalisation-flotte.top/images/flaglogo.png Requested by Host: dol.geolocalisation-flotte.top URL: https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9876a7ae2fff3841f6815203eea614d8cd0022ebbe6b9b4d97bfbc53bf422fe4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT etag "998-6266cb4636440" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U0bAGYe0xPchdcbBkaDp%2Bs2VD1ei%2B1IDmD9oNEGULHN10mACmCIKQ5u6A6CIp6sk3tEkjPfWJi0HQbGu0RbBtsfgDkqsP2RroFbjjbqT9O22l6%2FcyZpXQ3pR5YwuZCcnAdGdgU5OpBaap5AOScTYn6U%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203b0ed9b8a6-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=16414&sent=24&recv=18&lost=0&retrans=0&sent_bytes=14317&recv_bytes=6230&delivery_rate=169073&cwnd=12000&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=300&x=1", cfHdrFlush;dur=0 content-length 2456 date Wed, 13 Nov 2024 13:32:06 GMT content-type image/png last-modified Fri, 08 Nov 2024 20:36:25 GMT vary Accept-Encoding server cloudflare
GET H3	200	product.png dol.geolocalisation-flotte.top/images/	765 KB 766 KB	130ms 130ms	Image image/png	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dol.geolocalisation-flotte.top/images/product.png Requested by Host: dol.geolocalisation-flotte.top URL: https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `335e5b23baabcb156cb7a77d491eecfa83dbdab88f10cf6c4bffacb1389fe224` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT etag "bf42c-6266cb4542200" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7BeHZhyry%2FrWilRd0O%2BOz7HDW57JdA1zHF245KejDR8d595yypj0bkv6CunW%2BGaxBtL%2B%2FqAD2qeii3Du8ZjYGXn6wV3UcHp2PTRjrXNL%2F414y5QveyHLfWfKzMFmQYD2%2FI60uv9r5XpFqobm5gWo7Ro%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203bdf8db8a6-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=17989&sent=77&recv=61&lost=0&retrans=0&sent_bytes=71260&recv_bytes=12429&delivery_rate=2175760&cwnd=37200&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=433&x=1", cfHdrFlush;dur=0 content-length 783404 date Wed, 13 Nov 2024 13:32:06 GMT content-type image/png last-modified Fri, 08 Nov 2024 20:36:24 GMT vary Accept-Encoding server cloudflare
GET H3	200	loadingRD.gif dol.geolocalisation-flotte.top/images/	121 KB 122 KB	146ms 144ms	Image image/gif	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dol.geolocalisation-flotte.top/images/loadingRD.gif Requested by Host: dol.geolocalisation-flotte.top URL: https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7a3b4165143271bd7355d121f785c3728c17b1d11629e7cffb638753099bce65` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT etag "1e5e1-6266cb472a680" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XKg0BslAd4FdyPdjzoVazATnJ9PmIJiCWMBUz3PsKS%2FAWRPYzpwL4TVcsxSF8EiVq5%2BCvBJQQHma7yn5qVB10JyTGcSCaYi5vXe3mRDh1ReT5W0MOIj%2FCZJgR9bmPA3VKMwSMNp6WvVW6pWJuwL1hVw%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203bffa1b8a6-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15771&sent=160&recv=75&lost=0&retrans=0&sent_bytes=170860&recv_bytes=13050&delivery_rate=2286268&cwnd=66000&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=450&x=1", cfHdrFlush;dur=3 content-length 124385 date Wed, 13 Nov 2024 13:32:06 GMT content-type image/gif last-modified Fri, 08 Nov 2024 20:36:26 GMT vary Accept-Encoding server cloudflare
GET H3	200	prize1.png dol.geolocalisation-flotte.top/images/	765 KB 766 KB	158ms 155ms	Image image/png	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dol.geolocalisation-flotte.top/images/prize1.png Requested by Host: dol.geolocalisation-flotte.top URL: https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9054ff35027507865bd4ea38dc0fb459e2d92f4601131d9e742d285c17572be4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT etag "bf368-6266cb4542200" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g0SLMnelpUvGEK54dJyrcLKSLkaS6cfcnWEiHGyL535yTKehjxtTog905EA8fTHcDY0uM5fPfbtfy0JzCtEoE5WBuXgt%2B4yq0OR7uRH1ZNJmgxycoqzwsAWfY3Sel1ZNPaea%2FlcCq1sH87enMddyb6w%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203bffa4b8a6-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15727&sent=273&recv=82&lost=0&retrans=0&sent_bytes=302860&recv_bytes=13363&delivery_rate=4316520&cwnd=132000&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=468&x=1", cfHdrFlush;dur=9 content-length 783208 date Wed, 13 Nov 2024 13:32:06 GMT content-type image/png last-modified Fri, 08 Nov 2024 20:36:24 GMT vary Accept-Encoding server cloudflare
GET H3	200	1.jpg dol.geolocalisation-flotte.top/images/	44 KB 45 KB	150ms 147ms	Image image/jpeg	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dol.geolocalisation-flotte.top/images/1.jpg Requested by Host: dol.geolocalisation-flotte.top URL: https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `08cca3a01826c51da3ba67e576c6edc01819ad7d1fac69888e1cb18638b62bd6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT etag "b0d0-6266cb4636440" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0A73uvh7bzbRyybcjFIIQE%2FzMITSvKMAFysrEecpX%2BUVWj06bzm4b0ZiZIZ6xokSaUZK%2Ba9%2BBYNlVrebgQzxugNFY6ownaMd5ve70kLzyutJ1dk%2F1HbRKFUF0PMfnNcXfSpT1xWL7X1YpjJyQR0TapE%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203bffabb8a6-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15771&sent=160&recv=75&lost=0&retrans=0&sent_bytes=170860&recv_bytes=13050&delivery_rate=2286268&cwnd=66000&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=452&x=1", cfHdrFlush;dur=10 content-length 45264 date Wed, 13 Nov 2024 13:32:06 GMT content-type image/jpeg last-modified Fri, 08 Nov 2024 20:36:25 GMT vary Accept-Encoding server cloudflare
GET H3	200	2.jpg dol.geolocalisation-flotte.top/images/	45 KB 45 KB	151ms 149ms	Image image/jpeg	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dol.geolocalisation-flotte.top/images/2.jpg Requested by Host: dol.geolocalisation-flotte.top URL: https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `12848411efa2d4d07a355d984599585dcf70a54213f832586e3a59761b349529` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT etag "b223-6266cb4636440" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zNsjHcOINUTr3NeHnmZONNeXa2X%2BUew0Fj0wLgnprgzQYfpZNXNiLYRhM9skZ%2F2iVIwMbp%2BGQ964tRQQ%2FGQNf1xb%2FHK4II9oKVsLCBZ8AtX1tOMYVl0ABlvoTadB6ItSD0USju7nvUYedIyIHz4fQUg%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203bffacb8a6-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15767&sent=166&recv=76&lost=0&retrans=0&sent_bytes=178060&recv_bytes=13095&delivery_rate=2531226&cwnd=69600&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=457&x=1", cfHdrFlush;dur=5 content-length 45603 date Wed, 13 Nov 2024 13:32:06 GMT content-type image/jpeg last-modified Fri, 08 Nov 2024 20:36:25 GMT vary Accept-Encoding server cloudflare
GET H3	200	comm_pic_1.jpg dol.geolocalisation-flotte.top/images/	87 KB 88 KB	154ms 152ms	Image image/jpeg	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dol.geolocalisation-flotte.top/images/comm_pic_1.jpg Requested by Host: dol.geolocalisation-flotte.top URL: https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4a22e2b26aebec8f05849cadea37c73835d541476a31ac279f266a66f7b4006c` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT etag "15dc2-6266cb472a680" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CsuRmGOnNq%2BU5%2FV6E5C6fAqHP3ZFntFdz4SQBLBgLJn4S8Ts2S9bcSY%2FNiYgms4muiXnwwYaksczeoPzG69q0AJKH4YTOqG%2BlfGrUQlc93rPd1uo2a8W8P67smTEXIevIIhFPdx76L%2FYXzPYnHF93W8%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203bffadb8a6-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15767&sent=166&recv=76&lost=0&retrans=0&sent_bytes=178060&recv_bytes=13095&delivery_rate=2531226&cwnd=69600&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=456&x=1", cfHdrFlush;dur=6 content-length 89538 date Wed, 13 Nov 2024 13:32:06 GMT content-type image/jpeg last-modified Fri, 08 Nov 2024 20:36:26 GMT vary Accept-Encoding server cloudflare
GET H3	200	3.jpg dol.geolocalisation-flotte.top/images/	38 KB 39 KB	153ms 151ms	Image image/jpeg	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dol.geolocalisation-flotte.top/images/3.jpg Requested by Host: dol.geolocalisation-flotte.top URL: https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `80e4781f9a5c59e6dd06e2a0663c83a74a6e7f72b75240e1251d0f47822baaa0` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT etag "982d-6266cb472a680" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LHf9WMGbS8C3yzbHJ2WwC%2FFsiwL8gvoTwtb9sVKNPSv7P2TfFI%2BKCbu9vg2ViiQnbcplnBJIHTuH1050HgwEe0YafNp3xBVvwvfBxCuE6PLiUIfERS2TuBxu1g40V9s%2FPy62fQKjGy7npQA5NWtbxsA%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203bffaeb8a6-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15771&sent=160&recv=75&lost=0&retrans=0&sent_bytes=170860&recv_bytes=13050&delivery_rate=2286268&cwnd=66000&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=450&x=1", cfHdrFlush;dur=12 content-length 38957 date Wed, 13 Nov 2024 13:32:06 GMT content-type image/jpeg last-modified Fri, 08 Nov 2024 20:36:26 GMT vary Accept-Encoding server cloudflare
GET H3	200	4.jpg dol.geolocalisation-flotte.top/images/	38 KB 39 KB	210ms 208ms	Image image/jpeg	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dol.geolocalisation-flotte.top/images/4.jpg Requested by Host: dol.geolocalisation-flotte.top URL: https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d59f849bd004f0145fe46845f941fa5787ef30c4b333839c74085839cdd2eba3` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT etag "97bf-6266cb481e8c0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TY69u70ueK5gMrd7%2FlLfKuOfVga0YzHA5YFCPKsWb43TW9SYT8b%2BLl%2BJo5wFUjLMXYm2SK5Ch8M%2BpFlekaPyST6a%2FU7eDkKuOZdTikoiO7oOaCYD2TCIvaFnZ8ikErKes9v2FJEe07Sv0XN8UsBbA0s%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203bffafb8a6-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15771&sent=160&recv=75&lost=0&retrans=0&sent_bytes=170860&recv_bytes=13050&delivery_rate=2286268&cwnd=66000&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=451&x=1", cfHdrFlush;dur=11 content-length 38847 date Wed, 13 Nov 2024 13:32:06 GMT content-type image/jpeg last-modified Fri, 08 Nov 2024 20:36:27 GMT vary Accept-Encoding server cloudflare
GET H3	200	comm_pic_2.jpg dol.geolocalisation-flotte.top/images/	84 KB 85 KB	210ms 209ms	Image image/jpeg	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dol.geolocalisation-flotte.top/images/comm_pic_2.jpg Requested by Host: dol.geolocalisation-flotte.top URL: https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5f16ef43ffe6fc802d1e9f5820970e73157d2a0d51ed4c39022c9718e50d6f79` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT etag "14ff6-6266cb472a680" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hoDWIzm%2FwqSsDnfK9gxBxzUNheuMBpkE9rY%2FDPXFktlWBrmcX6RqZPGiKfBjuwER71wNmvp8Y2%2FdB%2Fc6CBbMmSVhrwHLS%2FFcCPsYnoUOdPrYLQ6G71M%2FsNOk3NjsQYKDTN5XNL84%2Fr%2Bet2nX8ji3IHA%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203bffb0b8a6-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15767&sent=166&recv=76&lost=0&retrans=0&sent_bytes=178060&recv_bytes=13095&delivery_rate=2531226&cwnd=69600&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=456&x=1", cfHdrFlush;dur=6 content-length 86006 date Wed, 13 Nov 2024 13:32:06 GMT content-type image/jpeg last-modified Fri, 08 Nov 2024 20:36:26 GMT vary Accept-Encoding server cloudflare
GET H3	200	5.jpg dol.geolocalisation-flotte.top/images/	46 KB 47 KB	213ms 212ms	Image image/jpeg	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dol.geolocalisation-flotte.top/images/5.jpg Requested by Host: dol.geolocalisation-flotte.top URL: https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `36940f375ccd0d827d78f05e0b3296d140efe4e586abc40ffdbb5395e3277f18` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT etag "b7ec-6266cb4542200" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BM%2FKHQiWlsnkh3s%2FjLR3EZNgU%2FKS8ODokNawn6g6NWhPpKLJFvsJN2HdMG5sovKbno9ttndYg%2FfyG%2Fuqisr0JkVHd0egfM1Yups7HS0Kd3fqJ6EtoKvbbpsf%2FhEvygNhuDUA4GwawjpuKs8YmjtbPhA%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203bffb2b8a6-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15767&sent=166&recv=76&lost=0&retrans=0&sent_bytes=178060&recv_bytes=13095&delivery_rate=2531226&cwnd=69600&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=456&x=1", cfHdrFlush;dur=6 content-length 47084 date Wed, 13 Nov 2024 13:32:06 GMT content-type image/jpeg last-modified Fri, 08 Nov 2024 20:36:24 GMT vary Accept-Encoding server cloudflare
GET H3	200	f_guarantee.png dol.geolocalisation-flotte.top/images/	6 KB 7 KB	217ms 216ms	Image image/png	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dol.geolocalisation-flotte.top/images/f_guarantee.png Requested by Host: dol.geolocalisation-flotte.top URL: https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT etag "18d0-6266cb481e8c0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nL%2BZDlr8Cl%2BPS7uqk482dPcgUFfv3SBEDSUumYaXViCz6ecl1nVBAWadMhlpDfBcMomWPZOJxA40HUZEwGEp9npnEonXFXghkLcnBmDPE7Dlz%2FgYbhFO838bChjp8dgsRXohN3mIeNbF5oFVMMfLsy0%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203bffb3b8a6-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15771&sent=160&recv=75&lost=0&retrans=0&sent_bytes=170860&recv_bytes=13050&delivery_rate=2286268&cwnd=66000&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=453&x=1", cfHdrFlush;dur=9 content-length 6352 date Wed, 13 Nov 2024 13:32:06 GMT content-type image/png last-modified Fri, 08 Nov 2024 20:36:27 GMT vary Accept-Encoding server cloudflare
GET H3	200	f_secure_1.png dol.geolocalisation-flotte.top/images/	10 KB 10 KB	218ms 217ms	Image image/png	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dol.geolocalisation-flotte.top/images/f_secure_1.png Requested by Host: dol.geolocalisation-flotte.top URL: https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT etag "2686-6266cb4636440" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bEa5bvhNVHdE9Xj4B%2FSU%2Fzv1tbnXOlh%2B2KnD7bcGrbVGi5Y%2Br7aeW%2BZ4JoteeKclA4r5f3fexd%2Fpj5PpDrqaA68KkUmEN2Cae8d9tHJX%2FESHjcQMNK1ReNqD7THNykSceb%2F723W95riby1fkPWkW8mY%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203bffb4b8a6-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15771&sent=160&recv=75&lost=0&retrans=0&sent_bytes=170860&recv_bytes=13050&delivery_rate=2286268&cwnd=66000&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=452&x=1", cfHdrFlush;dur=10 content-length 9862 date Wed, 13 Nov 2024 13:32:06 GMT content-type image/png last-modified Fri, 08 Nov 2024 20:36:25 GMT vary Accept-Encoding server cloudflare
GET H3	200	logo2.png dol.geolocalisation-flotte.top/images/	43 KB 43 KB	219ms 219ms	Image image/png	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dol.geolocalisation-flotte.top/images/logo2.png Requested by Host: dol.geolocalisation-flotte.top URL: https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `28e9767aed189db94669854345a9556272153102d08fbfd1d315691ddfdcf24e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT etag "aa61-6266cb4636440" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JI7%2BXRUPmhX%2FXlf1TYF6fhOfno8Rh5LD%2B5PNtp%2Fg93T1e57oROk5hCq%2FCaBcjVt4V4JFGUjsL1pNxavxWhWw7tjNw%2FXmjg0qwslBu4ZdbvVhMtEK5SIrgjY8CP%2FGXt2tCACdWpJheg1OySmhXGTftcE%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203bffb5b8a6-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15771&sent=160&recv=75&lost=0&retrans=0&sent_bytes=170860&recv_bytes=13050&delivery_rate=2286268&cwnd=66000&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=453&x=1", cfHdrFlush;dur=9 content-length 43617 date Wed, 13 Nov 2024 13:32:06 GMT content-type image/png last-modified Fri, 08 Nov 2024 20:36:25 GMT vary Accept-Encoding server cloudflare
GET H3	200	script.js Show response dol.geolocalisation-flotte.top/js/	10 KB 3 KB	149ms 147ms	Script application/javascript	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dol.geolocalisation-flotte.top/js/script.js Requested by Host: dol.geolocalisation-flotte.top URL: https://dol.geolocalisation-flotte.top/?customer-id=hs2956jmhabdd-nf6684slnkdac-hr283k6pz03ab Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f1c977b96f81a03a31db3576a67717958b1e0650d99a864c9ff7111ccbc1717a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status HIT etag W/"28a6-6266cb481e8c0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DW1ibwvdzI1ZtrwTP92grvmYGZ9LpDcGdcf6dvbPZvuGMjRhZ9Qraf9WbTXzPSjYQl0KmF%2BZyPL0x8tKrONuHPqGhRlUNRqOnd%2FN9T9klIwds74f9rTLB%2FCDMSoU1P1jwXAKV2e1%2FbsWhJz8HtH9rmM%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203bffaab8a6-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15771&sent=160&recv=75&lost=0&retrans=0&sent_bytes=170860&recv_bytes=13050&delivery_rate=2286268&cwnd=66000&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=449&x=1", cfHdrFlush;dur=13 date Wed, 13 Nov 2024 13:32:06 GMT content-type application/javascript last-modified Fri, 08 Nov 2024 20:36:27 GMT vary Accept-Encoding server cloudflare
GET H3	200	bg.png dol.geolocalisation-flotte.top/images/	193 KB 193 KB	220ms 219ms	Image image/png	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dol.geolocalisation-flotte.top/images/bg.png Requested by Host: dol.geolocalisation-flotte.top URL: https://dol.geolocalisation-flotte.top/css/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b1fa2a51255b4662083558a9cbbc7ee2a752ee5a4277f3bb6193a2ea05f5f1b5` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://dol.geolocalisation-flotte.top/css/style.css Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT etag "30221-6266cb472a680" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RtVoZ%2BVvHxxx%2B4HPVBIuaJ7NUnNJaWrSkjIZSOY8%2B0T6b4r5dxBfkjCUr289JHuP8IPhoKwmRGsFynWT6fJLibNomjLY0XPsGkMFg9kPfb1c1ikKYxp3FHASn1EiBS8vNKqquRFR45eBXD9svyJneAQ%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203bffb6b8a6-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15771&sent=160&recv=75&lost=0&retrans=0&sent_bytes=170860&recv_bytes=13050&delivery_rate=2286268&cwnd=66000&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=449&x=1", cfHdrFlush;dur=13 content-length 197153 date Wed, 13 Nov 2024 13:32:06 GMT content-type image/png last-modified Fri, 08 Nov 2024 20:36:26 GMT vary Accept-Encoding server cloudflare
GET H3	404	favicon.ico dol.geolocalisation-flotte.top/	196 B 807 B	147ms 147ms	Other text/html	172.67.165.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dol.geolocalisation-flotte.top/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=krVN9OHquZgFo7zStUBccGwXaV9R8d0f45vh2%2Flf50BdYVpru0u9%2F6jhdCEl0ISR4vywIV11%2BkKGpr7Xy%2B1hN6KayX02MhbEVytwu929o%2FTQSrN5jUM496v2rxCZdiKNNlbGhh5UKZNzRH%2FfvnHWzd8%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1f203edb07b8a6-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=18280&sent=2192&recv=281&lost=79&retrans=79&sent_bytes=2570122&recv_bytes=22738&delivery_rate=6297451&cwnd=784770&unsent_bytes=0&cid=7b9efa8a1c4fa5d9&ts=927&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 13:32:06 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			kelor.candlesasd.shop/	1969-12-31 23:59:59	Name: mwsid Value: vq28r8kbc276g35vk2s6omln3f

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dol.geolocalisation-flotte.top/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dol.geolocalisation-flotte.top
facebook-performance.lavateraasd.shop
kelor.candlesasd.shop
use.fontawesome.com
172.67.165.98
172.67.169.247
188.114.96.3
2606:4700:3037::ac43:8ef5
08cca3a01826c51da3ba67e576c6edc01819ad7d1fac69888e1cb18638b62bd6
12848411efa2d4d07a355d984599585dcf70a54213f832586e3a59761b349529
28e9767aed189db94669854345a9556272153102d08fbfd1d315691ddfdcf24e
335e5b23baabcb156cb7a77d491eecfa83dbdab88f10cf6c4bffacb1389fe224
36940f375ccd0d827d78f05e0b3296d140efe4e586abc40ffdbb5395e3277f18
4a22e2b26aebec8f05849cadea37c73835d541476a31ac279f266a66f7b4006c
56d2e81a3fe57f9fe2ceeafa4713d2d7de4063c95336023290ab6d9698dd6b8e
5f16ef43ffe6fc802d1e9f5820970e73157d2a0d51ed4c39022c9718e50d6f79
70f62c085f1ab303662a8195cfb33e7df6951364e72ce05702d897bd2f76b650
721fd25fad2ceea766b483f7692fc840097de75bb54185273920adf62da63e15
7a3b4165143271bd7355d121f785c3728c17b1d11629e7cffb638753099bce65
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
80e4781f9a5c59e6dd06e2a0663c83a74a6e7f72b75240e1251d0f47822baaa0
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
8e288fcbfb9b69f1d3743d6dfa649811f6d7da75669ae93c4943e3311d308cb6
9054ff35027507865bd4ea38dc0fb459e2d92f4601131d9e742d285c17572be4
9876a7ae2fff3841f6815203eea614d8cd0022ebbe6b9b4d97bfbc53bf422fe4
9a61ede6ef8225af5fdb60fafd42a13b481304d2cbcb0bdcb4acb4735de7a93f
b1fa2a51255b4662083558a9cbbc7ee2a752ee5a4277f3bb6193a2ea05f5f1b5
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95
d59f849bd004f0145fe46845f941fa5787ef30c4b333839c74085839cdd2eba3
f1c977b96f81a03a31db3576a67717958b1e0650d99a864c9ff7111ccbc1717a

dol.geolocalisation-flotte.top Open in urlscan Pro 172.67.165.98 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

2 IPs

2 Countries

2800 kBTransfer

3623 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

17 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

dol.geolocalisation-flotte.top Open in urlscan Pro
172.67.165.98 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

2800 kB
Transfer

3623 kB
Size

1
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!