Report - jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user

Report Overview

Visited public
2024-07-19 04:39:51
Tags
sinkhole suspicious cloudflare
URL
jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role=
Finishing URL
jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role=
IP / ASN
104.19.184.77
#13335 CLOUDFLARENET
Title
Attention Required! | Cloudflare
Suspicious - Sinkholed / Blocked

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
jira.alkami.com	261633	2003-04-07	2021-03-21 21:03:48	2023-06-02 16:39:51	5.7 kB	39 kB	104.19.184.77
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-18 18:12:17	2.3 kB	6.2 kB	23.36.76.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role=	ScriptElement	0 B	0001-01-01	2025-04-26
Pretty URL jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role= IP 104.19.184.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-04-26 03:35 Times Seen4536121 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role=	ScriptElement	393 B	2023-04-05	2025-03-02
Pretty URL jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role= IP 104.19.184.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 04:39 Last Seen2025-03-02 06:13 Times Seen143291 Hash 34ad0a116707d3b794129a6720af92d7 424de9dbb8bc774e2a2d4ade100d90f5ac0ecbf4 d011a9449a990f2086894be870adc6fbb53595dc593b410a83e45e40bfbc7262 Loading...

	jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role=	ScriptElement	0 B	0001-01-01	2025-04-26
Pretty URL jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role= IP 104.19.184.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-04-26 03:35 Times Seen4536121 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	ScriptElement	236 B	2024-08-19	2024-08-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 16:25 Last Seen2024-08-19 16:25 Times Seen1 Hash 8883d10b8992571a54a1da8fb80a3c53 f05698c6de967018df8d4577dd942b806f1b6eed 3676849fad1a4a60bb1e33174a3ba150cc3321ac29b478547bf95722a823e765 Loading...

	jira.alkami.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	7.9 kB	2024-08-19	2024-08-19
Pretty URL jira.alkami.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.19.184.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 16:25 Last Seen2024-08-19 16:25 Times Seen1 Hash 0e1935daad61bb51ea0d996c54bc9969 623c6a62c1f408fa3480dc3387d216d707edcb28 678b4c0a865310962e84b396560adced08c6f249a839ec4bbc5e65450fb5b79e Loading...

	jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role=	ScriptElement	923 B	2024-08-19	2024-08-19
Pretty URL jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role= IP 104.19.184.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 16:25 Last Seen2024-08-19 16:25 Times Seen1 Hash a39c7ae0d41f720e55a87434c58d5792 b0bb914efba2decb4a9cf0d70afd180cd6ebc25b 2444b9f324d6001c7f1a0fd25ed817b777d9339b9912592bb681f43c43a84f6c Loading...

HTTP Transactions (15)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
df89293c476ae09fa6ea5ee32b70224e
e684c88f3ffd36b50489c5391a3637218329e080
1a09f23c5518140b3792a6c0729e19f7cd9c728016840567f7068b7df5bccb81

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "1A09F23C5518140B3792A6C0729E19F7CD9C728016840567F7068B7DF5BCCB81"
Last-Modified: Thu, 18 Jul 2024 08:21:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13838
Expires: Fri, 19 Jul 2024 08:30:01 GMT
Date: Fri, 19 Jul 2024 04:39:23 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
2c174cd9de141b9f3330d869df450834
251c8d7aa8126bfb9fa4c164ebb067b8929486f8
e79c4bb4566914535b10c91563e36d1768f5fc8e1933392cf130e2f4d776e296

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E79C4BB4566914535B10C91563E36D1768F5FC8E1933392CF130E2F4D776E296"
Last-Modified: Thu, 18 Jul 2024 08:21:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9369
Expires: Fri, 19 Jul 2024 07:15:32 GMT
Date: Fri, 19 Jul 2024 04:39:23 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9242083e8854242dd63e09c963159384
d334a9ec53be29ce2d3bbc333205b970b84d63fc
927ae834d942951b3ea3f7199aca87d589dee465706a095bcf7131de85d37e1c

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "927AE834D942951B3EA3F7199ACA87D589DEE465706A095BCF7131DE85D37E1C"
Last-Modified: Thu, 18 Jul 2024 07:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3912
Expires: Fri, 19 Jul 2024 05:44:35 GMT
Date: Fri, 19 Jul 2024 04:39:23 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
42e531d59be85c09ecc215208470d19e
75ec72c8c8e1de19407837d46d2ad7119770cdb0
38125115e22a9a58bf2df205bb09ae6c6fef4948b9de15b2f15f37d19aedf6a9

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "38125115E22A9A58BF2DF205BB09AE6C6FEF4948B9DE15B2F15F37D19AEDF6A9"
Last-Modified: Thu, 18 Jul 2024 07:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9186
Expires: Fri, 19 Jul 2024 07:12:29 GMT
Date: Fri, 19 Jul 2024 04:39:23 GMT
Connection: keep-alive

jira.alkami.com/cdn-cgi/images/browser-bar.png?1376755637

104.19.184.77

200 OK

715 B

URL GET HTTP/2
jira.alkami.com/cdn-cgi/images/browser-bar.png?1376755637
IP
104.19.184.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role=
Certificate
IssuerEntrust, Inc.
Subjectjira.alkami.com
Fingerprint2F:6D:90:07:C9:90:29:A6:03:C2:D8:3D:EF:75:17:FC:2D:0F:C8:08
ValidityThu, 27 Jun 2024 17:41:36 GMT - Fri, 27 Jun 2025 17:41:35 GMT

File type
PNG image data, 960 x 53, 8-bit colormap, non-interlaced
Size
715 B (715 bytes)
Hash
226dcb8f6144bdaafdfbd8f2f354be64
3785cc5b3bf52f8e398177b0ff1020b24aa86b8c
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Sinkholed / Blocked

HTTP Headers

GET /cdn-cgi/images/browser-bar.png?1376755637 HTTP/1.1
Host: jira.alkami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jira.alkami.com/cdn-cgi/styles/cf.errors.css
Cookie: __cf_bm=zny.pkRdW_t7rGw5gLhVmtiYlAmiUf_Vs.jqM0.zoUg-1721363963-1.0.1.1-voh9CZ7nG34H2nO73weYB5lXQbbc_ogsjQTwKatuYF2uViVyCbWeHgocMut23QX1GUElja.b6RdyooQsZtNLbim5gWDu4ilXypmjcp0LH4M
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Jul 2024 04:39:24 GMT
content-type: image/png
content-length: 715
last-modified: Fri, 12 Jul 2024 17:10:21 GMT
etag: "6691637d-2cb"
server: cloudflare
cf-ray: 8a5807083991be60-CPH
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Fri, 19 Jul 2024 06:39:24 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2

jira.alkami.com/cdn-cgi/styles/cf.errors.css

104.19.184.77

200 OK

7.7 kB

URL GET HTTP/2
jira.alkami.com/cdn-cgi/styles/cf.errors.css
IP
104.19.184.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role=
Certificate
IssuerEntrust, Inc.
Subjectjira.alkami.com
Fingerprint2F:6D:90:07:C9:90:29:A6:03:C2:D8:3D:EF:75:17:FC:2D:0F:C8:08
ValidityThu, 27 Jun 2024 17:41:36 GMT - Fri, 27 Jun 2025 17:41:35 GMT

File type
gzip compressed data, from Unix
Size
7.7 kB (7728 bytes)
Hash
80000355ef4900f25141ea92a02cbd43
7f297631ad2097b03d0a69d74beba006eee6dcca
5e759f93b779e46ac4ae17a848a24860f68f798692c22cba902aa103f4a0889c

HTTP Headers

GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: jira.alkami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role=
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=zny.pkRdW_t7rGw5gLhVmtiYlAmiUf_Vs.jqM0.zoUg-1721363963-1.0.1.1-voh9CZ7nG34H2nO73weYB5lXQbbc_ogsjQTwKatuYF2uViVyCbWeHgocMut23QX1GUElja.b6RdyooQsZtNLbim5gWDu4ilXypmjcp0LH4M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Jul 2024 04:39:24 GMT
content-type: text/css
last-modified: Fri, 12 Jul 2024 17:10:21 GMT
etag: W/"6691637d-5df3"
server: cloudflare
cf-ray: 8a580707d945be60-CPH
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Fri, 19 Jul 2024 06:39:24 GMT
cache-control: max-age=7200, public
content-encoding: gzip
X-Firefox-Spdy: h2

jira.alkami.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.19.184.77

302 Found

0 B

URL GET HTTP/2
jira.alkami.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.19.184.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role=
Certificate
IssuerEntrust, Inc.
Subjectjira.alkami.com
Fingerprint2F:6D:90:07:C9:90:29:A6:03:C2:D8:3D:EF:75:17:FC:2D:0F:C8:08
ValidityThu, 27 Jun 2024 17:41:36 GMT - Fri, 27 Jun 2025 17:41:35 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: jira.alkami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=zny.pkRdW_t7rGw5gLhVmtiYlAmiUf_Vs.jqM0.zoUg-1721363963-1.0.1.1-voh9CZ7nG34H2nO73weYB5lXQbbc_ogsjQTwKatuYF2uViVyCbWeHgocMut23QX1GUElja.b6RdyooQsZtNLbim5gWDu4ilXypmjcp0LH4M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Fri, 19 Jul 2024 04:39:24 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?
cache-control: max-age: 300, public
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 8a58070889d2be60-CPH
X-Firefox-Spdy: h2

jira.alkami.com/cdn-cgi/challenge-platform/h/b/jsd/r/8a5807066853be60

104.19.184.77

200 OK

0 B

URL POST HTTP/2
jira.alkami.com/cdn-cgi/challenge-platform/h/b/jsd/r/8a5807066853be60
IP
104.19.184.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role=
Certificate
IssuerEntrust, Inc.
Subjectjira.alkami.com
Fingerprint2F:6D:90:07:C9:90:29:A6:03:C2:D8:3D:EF:75:17:FC:2D:0F:C8:08
ValidityThu, 27 Jun 2024 17:41:36 GMT - Fri, 27 Jun 2025 17:41:35 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/8a5807066853be60 HTTP/1.1
Host: jira.alkami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12310
Origin: https://jira.alkami.com
DNT: 1
Connection: keep-alive
Referer: https://jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role=
Cookie: __cf_bm=zny.pkRdW_t7rGw5gLhVmtiYlAmiUf_Vs.jqM0.zoUg-1721363963-1.0.1.1-voh9CZ7nG34H2nO73weYB5lXQbbc_ogsjQTwKatuYF2uViVyCbWeHgocMut23QX1GUElja.b6RdyooQsZtNLbim5gWDu4ilXypmjcp0LH4M
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Jul 2024 04:39:24 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=; Path=/; Expires=Thu, 01-Jan-70 00:00:00 GMT; Domain=.alkami.com; HttpOnly; Secure; SameSite=None
cf_clearance=pvZonilIi5i1qu1rJSAfYZjcZepHzwIYK2vzPrT72Vw-1721363964-1.0.1.1-hXAnoSG41w7uoECZLr0.O_tQhvJ6SPvQHqqjD.AV.bzN.xe0Xnx.7wPXyNad.imr8ctVFs46dk0Afcnripby_w; Path=/; Expires=Sat, 19-Jul-25 04:39:24 GMT; Domain=.alkami.com; HttpOnly; Secure; SameSite=None; Partitioned
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 8a58070a2ad1be60-CPH
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9041c7b14ed56a170760ee187e59cb3d
4334c89d4af87a7d10b7cfd712cf6494bcbf2f04
da6d4b1554585f827dbf6b29b44389dc9d1b7ea24ac0bc5b078dcc7fc5c4e148

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DA6D4B1554585F827DBF6B29B44389DC9D1B7EA24AC0BC5B078DCC7FC5C4E148"
Last-Modified: Thu, 18 Jul 2024 08:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12473
Expires: Fri, 19 Jul 2024 08:07:18 GMT
Date: Fri, 19 Jul 2024 04:39:25 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9041c7b14ed56a170760ee187e59cb3d
4334c89d4af87a7d10b7cfd712cf6494bcbf2f04
da6d4b1554585f827dbf6b29b44389dc9d1b7ea24ac0bc5b078dcc7fc5c4e148

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DA6D4B1554585F827DBF6B29B44389DC9D1B7EA24AC0BC5B078DCC7FC5C4E148"
Last-Modified: Thu, 18 Jul 2024 08:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12473
Expires: Fri, 19 Jul 2024 08:07:18 GMT
Date: Fri, 19 Jul 2024 04:39:25 GMT
Connection: keep-alive

jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role=

104.19.184.77

403 Forbidden

2.4 kB

URL User Request GET HTTP/2
jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role=
IP
104.19.184.77:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerEntrust, Inc.
Subjectjira.alkami.com
Fingerprint2F:6D:90:07:C9:90:29:A6:03:C2:D8:3D:EF:75:17:FC:2D:0F:C8:08
ValidityThu, 27 Jun 2024 17:41:36 GMT - Fri, 27 Jun 2025 17:41:35 GMT

File type
HTML document, ASCII text, with very long lines (945)
Size
2.4 kB (2407 bytes)
Hash
ff2f100f84cf2256723ecede5092fcd0
ac85ace325638099dd23adbbdd4bf9f6ae4d61b5
6112bde7a397573320bfef22447db03416e6db6149ad7253fba598dafea13110

HTTP Headers

GET /secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role= HTTP/1.1
Host: jira.alkami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Fri, 19 Jul 2024 04:39:23 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Fri, 19 Jul 2024 04:39:38 GMT
set-cookie: __cf_bm=zny.pkRdW_t7rGw5gLhVmtiYlAmiUf_Vs.jqM0.zoUg-1721363963-1.0.1.1-voh9CZ7nG34H2nO73weYB5lXQbbc_ogsjQTwKatuYF2uViVyCbWeHgocMut23QX1GUElja.b6RdyooQsZtNLbim5gWDu4ilXypmjcp0LH4M; path=/; expires=Fri, 19-Jul-24 05:09:23 GMT; domain=.alkami.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 8a5807056fbabe60-CPH
content-encoding: br
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9041c7b14ed56a170760ee187e59cb3d
4334c89d4af87a7d10b7cfd712cf6494bcbf2f04
da6d4b1554585f827dbf6b29b44389dc9d1b7ea24ac0bc5b078dcc7fc5c4e148

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DA6D4B1554585F827DBF6B29B44389DC9D1B7EA24AC0BC5B078DCC7FC5C4E148"
Last-Modified: Thu, 18 Jul 2024 08:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12473
Expires: Fri, 19 Jul 2024 08:07:18 GMT
Date: Fri, 19 Jul 2024 04:39:25 GMT
Connection: keep-alive

jira.alkami.com/favicon.ico

104.19.184.77

403 Forbidden

7.1 kB

URL GET HTTP/2
jira.alkami.com/favicon.ico
IP
104.19.184.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role=
Certificate
IssuerEntrust, Inc.
Subjectjira.alkami.com
Fingerprint2F:6D:90:07:C9:90:29:A6:03:C2:D8:3D:EF:75:17:FC:2D:0F:C8:08
ValidityThu, 27 Jun 2024 17:41:36 GMT - Fri, 27 Jun 2025 17:41:35 GMT

File type
HTML document, ASCII text, with very long lines (394)
Size
7.1 kB (7088 bytes)
Hash
39bcdae4950fd5158ad9a5ae729d6319
ef17c4eab1823f7d96bd935c0ce6a16a89129116
6daa4ee960464882ae2a0ae2a9dd6b8bc8081a0555f829d99b15e5be05a68482

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: jira.alkami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role=
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=zny.pkRdW_t7rGw5gLhVmtiYlAmiUf_Vs.jqM0.zoUg-1721363963-1.0.1.1-voh9CZ7nG34H2nO73weYB5lXQbbc_ogsjQTwKatuYF2uViVyCbWeHgocMut23QX1GUElja.b6RdyooQsZtNLbim5gWDu4ilXypmjcp0LH4M
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
date: Fri, 19 Jul 2024 04:39:24 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Fri, 19 Jul 2024 04:39:39 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 8a58070879c9be60-CPH
content-encoding: br
X-Firefox-Spdy: h2

jira.alkami.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?

104.19.184.77

200 OK

14 kB

URL GET HTTP/2
jira.alkami.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?
IP
104.19.184.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role=
Certificate
IssuerEntrust, Inc.
Subjectjira.alkami.com
Fingerprint2F:6D:90:07:C9:90:29:A6:03:C2:D8:3D:EF:75:17:FC:2D:0F:C8:08
ValidityThu, 27 Jun 2024 17:41:36 GMT - Fri, 27 Jun 2025 17:41:35 GMT

File type
JavaScript source, ASCII text, with very long lines (7873), with no line terminators
Size
14 kB (13706 bytes)
Hash
0e1935daad61bb51ea0d996c54bc9969
623c6a62c1f408fa3480dc3387d216d707edcb28
678b4c0a865310962e84b396560adced08c6f249a839ec4bbc5e65450fb5b79e

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js? HTTP/1.1
Host: jira.alkami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=zny.pkRdW_t7rGw5gLhVmtiYlAmiUf_Vs.jqM0.zoUg-1721363963-1.0.1.1-voh9CZ7nG34H2nO73weYB5lXQbbc_ogsjQTwKatuYF2uViVyCbWeHgocMut23QX1GUElja.b6RdyooQsZtNLbim5gWDu4ilXypmjcp0LH4M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Jul 2024 04:39:24 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 8a580708da0bbe60-CPH
content-encoding: br
X-Firefox-Spdy: h2

jira.alkami.com/cdn-cgi/images/cf-no-screenshot-error.png

104.19.184.77

200 OK

3.2 kB

URL GET HTTP/2
jira.alkami.com/cdn-cgi/images/cf-no-screenshot-error.png
IP
104.19.184.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jira.alkami.com/secure/ViewProfile.jspa?name=stephan.brown/login.jsp?permissionViolation=true&os_destination=/secure/ViewProfile.jspa?name=stephan.brown&page_caps=&user_role=
Certificate
IssuerEntrust, Inc.
Subjectjira.alkami.com
Fingerprint2F:6D:90:07:C9:90:29:A6:03:C2:D8:3D:EF:75:17:FC:2D:0F:C8:08
ValidityThu, 27 Jun 2024 17:41:36 GMT - Fri, 27 Jun 2025 17:41:35 GMT

File type
PNG image data, 178 x 175, 8-bit colormap, non-interlaced
Size
3.2 kB (3213 bytes)
Hash
0d768cbc261841d3affc933b9ac3130e
aff136a4c761e1df1ada7e5d9a6ed0ebea74a4b7
1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Sinkholed / Blocked

HTTP Headers

GET /cdn-cgi/images/cf-no-screenshot-error.png HTTP/1.1
Host: jira.alkami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jira.alkami.com/cdn-cgi/styles/cf.errors.css
Cookie: __cf_bm=zny.pkRdW_t7rGw5gLhVmtiYlAmiUf_Vs.jqM0.zoUg-1721363963-1.0.1.1-voh9CZ7nG34H2nO73weYB5lXQbbc_ogsjQTwKatuYF2uViVyCbWeHgocMut23QX1GUElja.b6RdyooQsZtNLbim5gWDu4ilXypmjcp0LH4M
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Jul 2024 04:39:24 GMT
content-type: image/png
content-length: 3213
last-modified: Fri, 12 Jul 2024 17:10:21 GMT
etag: "6691637d-c8d"
server: cloudflare
cf-ray: 8a5807083992be60-CPH
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Fri, 19 Jul 2024 06:39:24 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash