Report - cellfonecellular.com/reeh/index.php?qbot.zip

Report Overview

Submitted URL
cellfonecellular.com/reeh/index.php?qbot.zip
IP
69.64.71.154
ASN
#18501 CODERO-DFW
Submitted
2022-12-16 01:38:41
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
296

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.0 kB	5.3 kB	23.33.119.27
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	782 B	2.4 kB	35.241.9.150
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T06:38:15Z	752 B	26 kB	142.250.74.106
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-09T06:38:59Z	978 B	55 kB	216.58.207.227
cellfonecellular.com	unknown	2022-09-25T14:33:33Z	2022-12-16T02:38:24Z	26 kB	3.3 MB	69.64.71.154
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T05:09:25Z	3.2 kB	54 kB	34.120.237.76
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	2.4 kB	4.9 kB	142.250.74.131
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T05:22:46Z	341 B	797 B	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	606 B	127 B	52.43.228.5

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-16	medium	cellfonecellular.com/wp-content/uploads/elementor/css/post-6.css?ver=1669232261	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/uploads/elementor/css/global.css?ver=1669232274	Malware
2022-12-16	medium	cellfonecellular.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/uploads/elementor/css/post-3982.css?ver=1669644288	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/uploads/elementor/css/post-6132.css?ver=1669311563	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/plugins/dt-the7-core/assets/css/post-type.min.css?ver=2.7.1	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/uploads/the7-css/css-vars.css?ver=d71c4ab93db1	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/uploads/the7-css/media.css?ver=d71c4ab93db1	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/themes/dt-the7/css/main.min.css?ver=11.1.2	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/uploads/the7-css/post-type-dynamic.css?ver=d71c4ab93db1	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/themes/dt-the7/css/compatibility/elementor/elementor-global.min.css?ver=11.1.2	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/uploads/elementor/custom-icons/the7-feather/style.css?ver=1.0.0	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3	Malware
2022-12-16	medium	cellfonecellular.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/themes/dt-the7/css/compatibility/elementor/the7-vertical-menu-widget.min.css?ver=11.1.2	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.5	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/themes/dt-the7/lib/jquery-mousewheel/jquery-mousewheel.min.js?ver=11.1.2	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/themes/dt-the7/js/main.min.js?ver=11.1.2	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.js?ver=11.1.2	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.5	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/themes/dt-the7/js/compatibility/elementor/the7-vertical-menu.min.js?ver=11.1.2	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/plugins/dt-the7-core/assets/js/post-type.min.js?ver=2.7.1	Malware
2022-12-16	medium	cellfonecellular.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae	Malware
2022-12-16	medium	cellfonecellular.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/plugins/pro-elements/assets/js/frontend.min.js?ver=3.8.0	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	Malware
2022-12-16	medium	cellfonecellular.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/plugins/wpforms/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7.2	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/uploads/elementor/css/custom-pro-frontend.min.css?ver=1669232274	Malware
2022-12-16	medium	cellfonecellular.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0	Malware

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed
2022-12-16	medium	cellfonecellular.com	Sinkholed

JavaScript (38)

	URL	Size	First Seen	Last Seen
	cellfonecellular.com/wp-includes/js/wp-util.min.js?ver=6.1.1	1.4 kB	2023-03-08	2024-04-23
Pretty URL cellfonecellular.com/wp-includes/js/wp-util.min.js?ver=6.1.1 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:29 Last Seen2024-04-23 09:19:53 Times Seen24351 Hash 19d386c9004e54941c1cc61d357efa5d 0a77594006c8d86fdcc0adbc2b9aecaef3869586 3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95 Loading...

	cellfonecellular.com/reeh/?qbot.zip	110 B	2023-03-07	2024-04-22
Pretty URL cellfonecellular.com/reeh/?qbot.zip IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:16 Last Seen2024-04-22 13:55:02 Times Seen2269 Hash f17a1ca0e09b355fe605ac1ad37c4105 ce25a6e7d65c97829444381397e5ca58954bfeaf ac0bae1f39bff1aee40d5c283b0c0ca756959d7a442d9ad4b2a6d2634369698e Loading...

	cellfonecellular.com/wp-content/plugins/wpforms/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7.2	754 B	2023-03-07	2024-04-22
Pretty URL cellfonecellular.com/wp-content/plugins/wpforms/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7.2 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:32 Last Seen2024-04-22 09:02:49 Times Seen2663 Hash afb55c29bdbcfc262d9fa56743572cad d4b6cb9df2b1b5477cd968fb05cf5faa1d13d6bf c30dab20b677f2b13f42a4a04385a3c6d380fa023a4a1c32f45f2996e152bfba Loading...

	cellfonecellular.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.5	165 kB	2023-03-08	2024-04-23
Pretty URL cellfonecellular.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.5 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 11:50:13 Last Seen2024-04-23 09:19:54 Times Seen6072 Hash 0a7176e860c4303f557950b75fb8a898 c292eb1b902ed06fccd65a684d6b311e1290caa9 c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094 Loading...

	cellfonecellular.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0	11 kB	2023-03-07	2024-04-22
Pretty URL cellfonecellular.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-22 09:02:49 Times Seen5350 Hash 4eee50ac6f4f364ba3a284d0753ddae3 a8e7e824e6824ae0b370ff36e2c07ca07276fae0 b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe Loading...

	cellfonecellular.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1	33 kB	2023-03-08	2024-04-15
Pretty URL cellfonecellular.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-15 22:34:30 Times Seen658 Hash 48b7a16ab38005edf9c9964313ce1cd7 8b8569d937aac61fd792b6c68fca974e3cdd94ab 5d80f13fd7524318f81eb1301170d4d0fbee242c12403c01f3a06c9f681192c7 Loading...

	cellfonecellular.com/wp-content/plugins/pro-elements/assets/js/frontend.min.js?ver=3.8.0	22 kB	2023-03-09	2024-03-02
Pretty URL cellfonecellular.com/wp-content/plugins/pro-elements/assets/js/frontend.min.js?ver=3.8.0 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 03:05:15 Last Seen2024-03-02 21:58:17 Times Seen193 Hash 453af4946d83f4e8d02d574a5e0037df a52233f3e3a957e3851c80bf7a28e712c2928973 586b3577333da1fb1a4c4a32022c3fd3e5c28758770dbae1c2a1ecc2bf4dc2f1 Loading...

	cellfonecellular.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5	4.9 kB	2023-03-07	2024-04-21
Pretty URL cellfonecellular.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-21 16:07:42 Times Seen24375 Hash b33ab4d5dcf02436276a717e9d1b7c18 f47b9a9c41b3b11c9dffabca22945727c3ec6566 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134 Loading...

	cellfonecellular.com/reeh/?qbot.zip	1.9 kB	2023-03-09	2023-03-09
Pretty URL cellfonecellular.com/reeh/?qbot.zip IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:12:28 Last Seen2023-03-09 11:12:28 Times Seen1 Hash 32d965ab651692d6a5f39cd261851698 02200ecc8e83f13f9a38c930a0a9af0217c1a251 1f211271a928e19f1cfc3c06963a9f547361feae1c3f4408278d20770cf1a155 Loading...

	cellfonecellular.com/reeh/?qbot.zip	332 B	2023-03-07	2024-04-23
Pretty URL cellfonecellular.com/reeh/?qbot.zip IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:40 Last Seen2024-04-23 09:19:51 Times Seen9140 Hash 7d495bb1d6c246a2d57df3ab9332a3cc 6367d4f8addf48f2af1023b8176a2263bb424d01 df09a4f39d495e901a5479fce56c8ddec4f8a6acda1b3ceab7adc704fa439e32 Loading...

	cellfonecellular.com/reeh/?qbot.zip	1.2 kB	2023-03-07	2024-04-10
Pretty URL cellfonecellular.com/reeh/?qbot.zip IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:46 Last Seen2024-04-10 13:28:36 Times Seen205 Hash eb248e3e0748e5d1b3fb699f7670016c 63d4c461baf724cb8220f4ae73a36d82fa704202 f3ca6892b6e381e2f94bbf913dfc20f2c7552813945a56e597d2d9517a1ccb57 Loading...

	cellfonecellular.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-22
Pretty URL cellfonecellular.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-22 15:34:31 Times Seen38020 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	cellfonecellular.com/wp-content/plugins/pro-elements/assets/js/elements-handlers.min.js?ver=3.8.0	25 kB	2023-03-09	2024-03-02
Pretty URL cellfonecellular.com/wp-content/plugins/pro-elements/assets/js/elements-handlers.min.js?ver=3.8.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 03:05:15 Last Seen2024-03-02 21:58:17 Times Seen185 Hash ae21bfd877e04a083a816dff72d9c438 1a30b846e1e0738dfa0a2703349b63bf05b7873e 8c02b97a575bcbf5f08739f63c22d63fe602483911752e9468b6d4db55e7b3ba Loading...

	cellfonecellular.com/reeh/?qbot.zip	263 B	2023-03-07	2024-04-14
Pretty URL cellfonecellular.com/reeh/?qbot.zip IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:46 Last Seen2024-04-14 21:26:46 Times Seen375 Hash d350d76ec777287fbb95b1f13b8ba72e abce07cea99dc81a29121ffa26e7cca7830a1183 3604170ffbf93f5c8a21a321bdfae46ef39ff099167ec4b1b137bd0956825b2b Loading...

	cellfonecellular.com/reeh/?qbot.zip	2.3 kB	2023-03-07	2024-04-23
Pretty URL cellfonecellular.com/reeh/?qbot.zip IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:07 Last Seen2024-04-23 09:19:51 Times Seen7924 Hash f0bef95e258d5b84f82c5d4e29252176 eac5936c555c039bc38816d0916e13c0b364d797 a6c3ffec54ef5f2ca033b1fcdf84e1feac93437a3d8d4439667e9276ca2a9836 Loading...

	cellfonecellular.com/reeh/?qbot.zip	1.2 kB	2023-03-09	2023-03-09
Pretty URL cellfonecellular.com/reeh/?qbot.zip IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:12:28 Last Seen2023-03-09 11:12:28 Times Seen1 Hash 5da1b47e2acfaabc6103119538a9d4be 76772b4b53214581cdacabef5dda0a3b1e2fa8cd 9eb47fd4ffcab21065fa117f831f3e2413fa718fc681a499852f7b309822894b Loading...

	cellfonecellular.com/wp-content/plugins/pro-elements/assets/js/webpack-pro.runtime.min.js?ver=3.8.0	5.2 kB	2023-03-09	2024-03-02
Pretty URL cellfonecellular.com/wp-content/plugins/pro-elements/assets/js/webpack-pro.runtime.min.js?ver=3.8.0 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 03:05:15 Last Seen2024-03-02 21:58:17 Times Seen183 Hash 8c57bbe43bae29ddf6c36964720bc2f0 0381471e2558b50fddfe622a5f2ea8d8d19c5570 02c666016310320843f18a22ed9638af0d5d05f11344110ceeb8a56c544a8655 Loading...

	cellfonecellular.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1	40 kB	2023-03-08	2024-04-15
Pretty URL cellfonecellular.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-15 22:34:30 Times Seen724 Hash 2331d602370faa61829c8aa628996c7d e097dda010d924637e9c9f906be7653ae2d29343 5ceb0c2088d29cecbe3ee571dc3cf6fec764bbb7c73f0e22c73007149a2ce68d Loading...

	cellfonecellular.com/wp-includes/js/underscore.min.js?ver=1.13.4	19 kB	2023-03-08	2024-04-23
Pretty URL cellfonecellular.com/wp-includes/js/underscore.min.js?ver=1.13.4 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:29 Last Seen2024-04-23 09:19:54 Times Seen41315 Hash f88d5720bb454ed5d204cbdb56901f6b f1952292fde4b15936e9aac16b2b9896684db95b 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a Loading...

	cellfonecellular.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae	10 kB	2023-03-08	2024-04-21
Pretty URL cellfonecellular.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:32 Last Seen2024-04-21 16:07:42 Times Seen25599 Hash 8cd696505481e74ffee89b4995f37379 ee9aad199ef2bc60a3460f4c52f37d22907b2ec9 01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874 Loading...

	cellfonecellular.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	6.5 kB	2023-03-07	2024-04-21
Pretty URL cellfonecellular.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-21 18:36:10 Times Seen15482 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	cellfonecellular.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	21 kB	2023-03-08	2024-04-19
Pretty URL cellfonecellular.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-19 20:39:51 Times Seen9798 Hash 034bd11ecaf6fb9240d905245e42e202 ff136c394ed95badfc0107fb98a890dcff642828 ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651 Loading...

	cellfonecellular.com/reeh/?qbot.zip	108 B	2023-03-07	2024-04-17
Pretty URL cellfonecellular.com/reeh/?qbot.zip IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-17 10:30:46 Times Seen1415 Hash 2231d6e8d067a5cd22231e45e01e55de c9853ded0a5ac22d145c255b7e82f4c68e551a88 a96d6ca55569b0fb36fb7b9bfc2378f8c0cb651f41ea58af668175d44756fc50 Loading...

	cellfonecellular.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1	5.0 kB	2023-03-08	2024-04-15
Pretty URL cellfonecellular.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-15 22:34:30 Times Seen647 Hash 562ad59077018eb139d1f46afd69a050 d33c188f7d0f306b8a0ede1e3b67a0edb7be8966 f6eb858ead7f15dcd18541c5433714e0c0966d81b8d009a2d49e5a181e548fbb Loading...

	cellfonecellular.com/reeh/?qbot.zip	2.2 kB	2023-03-09	2023-03-09
Pretty URL cellfonecellular.com/reeh/?qbot.zip IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:12:28 Last Seen2023-03-09 11:12:28 Times Seen1 Hash d17431b851e1dc66d9075902ce995a20 3585cf57b6ab5939512f23a80e48895ae6142f13 72e33ee0da9556b4f114294d70664e72c18107f9c445f4d6c5bc865784376d5b Loading...

	cellfonecellular.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-23
Pretty URL cellfonecellular.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-23 00:53:38 Times Seen68558 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	cellfonecellular.com/wp-content/themes/dt-the7/js/main.min.js?ver=11.1.2	338 kB	2023-03-09	2024-02-22
Pretty URL cellfonecellular.com/wp-content/themes/dt-the7/js/main.min.js?ver=11.1.2 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 05:56:07 Last Seen2024-02-22 11:24:14 Times Seen14 Hash 9e23e5e74c3d27f3d6fb27d66feb927f 877b723f3ec175f3018bd543a48c3e587cc82207 a72b9bfecce798c49d2bb8679d16b8db2a3d84c47e4c2bbacfcf73dc23413fdf Loading...

	cellfonecellular.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.5	407 kB	2023-03-08	2024-04-16
Pretty URL cellfonecellular.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.5 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:21 Last Seen2024-04-16 13:22:22 Times Seen841 Hash b0ac07a6918661e5116d67cb7d7a1c2b 94e6f307e5605d36dda6db9abfbb7b740cfadaa6 7b7d5a7040c734484063484276d1643c07c1d8a88c2e4c54818bb6d5fedfd18d Loading...

	cellfonecellular.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-21
Pretty URL cellfonecellular.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-21 21:18:40 Times Seen31789 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	cellfonecellular.com/reeh/?qbot.zip	68 B	2023-03-07	2024-04-23
Pretty URL cellfonecellular.com/reeh/?qbot.zip IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-23 05:57:36 Times Seen22424 Hash d30f13da1f424ee0383b76edc55881e1 7e348a5f57ab13eedbc4ed917cdeee5bb9f9bd46 cf01a621447e67a81629bc28276677c86c48fd72c44cba83a82448574aadfd60 Loading...

	cellfonecellular.com/reeh/?qbot.zip	2.1 kB	2023-03-09	2023-03-09
Pretty URL cellfonecellular.com/reeh/?qbot.zip IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:12:28 Last Seen2023-03-09 11:12:28 Times Seen1 Hash 371d5e245fe9b596193a90cde33ea048 eb1bf29572bb55a062fc1039d0136e160131ccf9 0826f50c49b7dbe11d68cb4a49b4dc5e393c8f6fbfc01df1604289c7bedd8ee1 Loading...

	cellfonecellular.com/reeh/?qbot.zip	96 B	2023-03-07	2024-04-23
Pretty URL cellfonecellular.com/reeh/?qbot.zip IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-04-23 09:35:10 Times Seen10603 Hash eb3a538fd2a39c22198e72c3b9f498a7 c966ebdbd2701a0980a85671126664f3892d4f1e ac233233e7bcaf806041b243578fab081dced8a045d9a82756410da9ea2382a1 Loading...

	cellfonecellular.com/wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.js?ver=11.1.2	40 kB	2023-03-07	2024-04-14
Pretty URL cellfonecellular.com/wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.js?ver=11.1.2 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:04 Last Seen2024-04-14 21:26:47 Times Seen863 Hash 0201925438ef5e8d808c5a4aae483af2 7fac1f6d9d64a46203fd652cfa429be67b518198 5e8a1efa7ed75ccecd7b1daa15fbdb97fe1a730dddcd36e65a714d4811b31238 Loading...

	cellfonecellular.com/wp-content/plugins/dt-the7-core/assets/js/post-type.min.js?ver=2.7.1	27 kB	2023-03-07	2024-02-22
Pretty URL cellfonecellular.com/wp-content/plugins/dt-the7-core/assets/js/post-type.min.js?ver=2.7.1 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:46 Last Seen2024-02-22 11:24:16 Times Seen121 Hash 35e029aa8b7a8ce2fe14ea989b928b09 428ee3cd68821fbf8761d2eed9fcd5ac82fbbc9e 34fbe01a406b8f5ac1f9a8ea25aedb6820e1eefd502c1cc56433e3963efbbaad Loading...

	cellfonecellular.com/wp-content/themes/dt-the7/js/above-the-fold.min.js?ver=11.1.2	13 kB	2023-03-07	2024-04-14
Pretty URL cellfonecellular.com/wp-content/themes/dt-the7/js/above-the-fold.min.js?ver=11.1.2 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:46 Last Seen2024-04-14 21:26:47 Times Seen470 Hash c651c9d189aec3025648ab5a4a143702 29cb8cfbc901402ac6b0d2f45d3683bc358e08f3 fb7fbfb50310397a5df8716772c7938bc765eaf1bd8108c5225f78b14581eb22 Loading...

	cellfonecellular.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	12 kB	2023-03-07	2024-04-23
Pretty URL cellfonecellular.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-23 09:19:54 Times Seen52590 Hash 3819c3569da71daec283a75483735f7e ecd40a5cc6f0b76200c454ca880210dc301cfab8 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0 Loading...

	cellfonecellular.com/wp-content/themes/dt-the7/lib/jquery-mousewheel/jquery-mousewheel.min.js?ver=11.1.2	2.7 kB	2023-03-07	2024-04-14
Pretty URL cellfonecellular.com/wp-content/themes/dt-the7/lib/jquery-mousewheel/jquery-mousewheel.min.js?ver=11.1.2 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:46 Last Seen2024-04-14 21:26:47 Times Seen434 Hash ca4fc18d3aa41a0e4ca31c875b1f93c6 57f848a86bdfddffe192f1049f1a3400d55c0e28 9c7f5f11ea09af1edcc1a9033075fc3de8d28a1675503169f857b2211c8d8545 Loading...

	cellfonecellular.com/wp-content/themes/dt-the7/js/compatibility/elementor/the7-vertical-menu.min.js?ver=11.1.2	3.2 kB	2023-03-09	2023-06-27
Pretty URL cellfonecellular.com/wp-content/themes/dt-the7/js/compatibility/elementor/the7-vertical-menu.min.js?ver=11.1.2 IP 69.64.71.154 ASN #18501 CODERO-DFW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:12:28 Last Seen2023-06-27 13:02:58 Times Seen3 Hash 0db0720b9e690747325cfdb15973b34d 945681f0ab8068c12ae7a959d28ab62c6d99c865 79d4f5719a7469bd3216f56f31f5b9332a941f05049c61de5101c82ca4a846bd Loading...

HTTP Transactions (85)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4a5e9bc8b7891ac5f4552c29bcbaedb0
39735081eeb64eae477c61c1147daeb68fb37b22
c465efaf205ff2992af02c16187ca14a658cd5335b892903374f3adab32a8cd9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C465EFAF205FF2992AF02C16187CA14A658CD5335B892903374F3ADAB32A8CD9"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2218
Expires: Fri, 16 Dec 2022 02:15:28 GMT
Date: Fri, 16 Dec 2022 01:38:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
381442da2a14cb93770f4c8f6e19d35b
31c48467751e2450a63004c57eea0c7872023eaf
61b0985f47033bd7020ab3b8cdcbc6c17be6ab9b6feba69e006088b78e21c0f0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61B0985F47033BD7020AB3B8CDCBC6C17BE6AB9B6FEBA69E006088B78E21C0F0"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18322
Expires: Fri, 16 Dec 2022 06:43:52 GMT
Date: Fri, 16 Dec 2022 01:38:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5b38399fcc8246505e5e6b0f62803a5a
bb374f8d97b2bd798873d74c6bbab20ad6843e96
406ab3af8adf2b151c052a06c0379fd8d83d3362e90c17ac2e5481b6b9a7441f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "406AB3AF8ADF2B151C052A06C0379FD8D83D3362E90C17AC2E5481B6B9A7441F"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4003
Expires: Fri, 16 Dec 2022 02:45:13 GMT
Date: Fri, 16 Dec 2022 01:38:30 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 16 Dec 2022 01:33:58 GMT
content-type: application/json
age: 272
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: zRRkVOnHK/FZU+wlGVXI69V9TRDmw4YE9ScrGqletznqjiNutw+13KQhPbxApao2UDa6MWTby5Q=
x-amz-request-id: FV9VMZXF3D0QER4Z
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 16 Dec 2022 00:51:08 GMT
age: 2842
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 16 Dec 2022 01:38:30 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 16 Dec 2022 01:33:21 GMT
age: 309
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b9f0adeb27a19629aeff6f34de67f3ad
3876d1b871d7da6d18de23c2edb301eb30728066
c5744a90c8f66629aa2331465a32afe0d430b36d16fd98bc821e370f1b24463c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6350
Cache-Control: max-age=119660
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:38:30 GMT
Etag: "639ae3b4-1d7"
Expires: Sat, 17 Dec 2022 10:52:50 GMT
Last-Modified: Thu, 15 Dec 2022 09:07:00 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.43.228.5

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.43.228.5:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1pF6WceNEHydMZTA0hlj4A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AAP074JypMG8AvccP0bpeepUA2c=

cellfonecellular.com/reeh/index.php?qbot.zip

69.64.71.154

301 Moved Permanently

0 B

URL HTTP/1.1
cellfonecellular.com/reeh/index.php?qbot.zip
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /reeh/index.php?qbot.zip HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 301 Moved Permanently
Date: Fri, 16 Dec 2022 01:38:30 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://cellfonecellular.com/reeh/?qbot.zip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5501
Expires: Fri, 16 Dec 2022 03:10:13 GMT
Date: Fri, 16 Dec 2022 01:38:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5501
Expires: Fri, 16 Dec 2022 03:10:13 GMT
Date: Fri, 16 Dec 2022 01:38:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5501
Expires: Fri, 16 Dec 2022 03:10:13 GMT
Date: Fri, 16 Dec 2022 01:38:32 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44d28b3d-7927-4346-840a-8cfc2e3ea292.jpeg

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44d28b3d-7927-4346-840a-8cfc2e3ea292.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5424 bytes)
Hash
30739a2896ba00103578a7cd3589767c
b8da5c239832fc19c22722c23412adac1ef200ec
b406a1135ac6a56d3b7e3ba1f9adeb1a69d56e7a070f30e1dd20fea4ebedf3a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44d28b3d-7927-4346-840a-8cfc2e3ea292.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5424
x-amzn-requestid: e579538e-8990-425d-a635-ede55d60ed50
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNSvBETaoAMFyKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b97f9-3560628d3673feb33f4b958e;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:56:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CjP6MuggD8GZZTJUICeoKXHsb5qopw53uqsKfb6drH5nHj4gL1CptQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:13:35 GMT
age: 12297
etag: "b8da5c239832fc19c22722c23412adac1ef200ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4be35fbc-e4f0-449f-a4a6-8630871dbbca.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11887 bytes)
Hash
3ffaf7e3899d2e846612269608ae1286
07e6d729ad09430b483f44c16146dd2707935314
0d101f77b5159818bdac6fd41d43df60d95a08cebea93b9c661d5694a2d92f54

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4be35fbc-e4f0-449f-a4a6-8630871dbbca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11887
x-amzn-requestid: 4af02abe-5573-4788-9790-f76620857d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNRX9FVdIAMFxfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b95cc-484ff6083d4e7b483cbfcd96;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:46:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8V4kSXlD1XwSR_1OFl7eFOsYwqUatih-UFve0BaTlp5XgXzTGZSWCg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 21:56:47 GMT
etag: "07e6d729ad09430b483f44c16146dd2707935314"
content-type: image/jpeg
age: 13305
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ae976ce-079c-4e5f-b8b9-c1ee2adaa868.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12785 bytes)
Hash
78c629538ec0e3052bbfc30143472461
4730867561c6116e461a82d5448d7fb10d5df533
8987e66414a582c18eaf65e0c2139213817cdc524dcffe2abc4f4a7c7cb3342e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ae976ce-079c-4e5f-b8b9-c1ee2adaa868.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12785
x-amzn-requestid: 55fe73e5-e843-4f9b-88ee-fc3aa5365dc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQQLFqaoAMFQHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9400-0a135ed9618b37ea59813d56;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:39:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WKzermMXjxJ_I7wum86KjSEfxd-OvBXbsYdNCshK0n7mhnfb2fPHVw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 21:57:04 GMT
age: 13288
etag: "4730867561c6116e461a82d5448d7fb10d5df533"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff22fa4a3-ba63-491d-a915-4c7ea375f720.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7896 bytes)
Hash
1439b219bc14c22c96fdba089d03dc40
bfe8173cae5e2c8fa781f11661dc0893fc159eb3
a5aad1c8c3464232f0bb74c8115ea0cb0d2ac6f43c5418feb967803ea8286ff3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff22fa4a3-ba63-491d-a915-4c7ea375f720.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7896
x-amzn-requestid: cf094f2f-ce6b-4626-8168-36944d557cb7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dHbA4FexoAMFe-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63993ed2-60e1d5f53f3d2ad01060a8d4;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 03:11:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zUZEYcY4OgIDoMd-y4mtxmJxD09IeYbmsvgWPauxLcZ4IGr8sDNcgw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 03:25:04 GMT
age: 80008
etag: "bfe8173cae5e2c8fa781f11661dc0893fc159eb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5710 bytes)
Hash
5d9d95001bfc942895a41fb4bbd50c56
67e1f40fbf45d7f32e4bd05f7c9e71f352483fa9
042c3809a802ef44ff6de8a270194cdf69cc3ba9d8f5192110dda7829d2d52d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5710
x-amzn-requestid: 9e587daa-7632-4765-a8c5-6cea13058bac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQQJEp6IAMF1Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9400-63c04fa4691c32f914301a3d;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:39:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Qj7aKHjYDmSpAkdiFXcYQ5fL2bIwo2KEYkDvvKo-_YBToKJVM2GWng==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:12:29 GMT
age: 12363
etag: "67e1f40fbf45d7f32e4bd05f7c9e71f352483fa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6873e310-18bc-4048-a538-a334095e2630.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.5 kB (3482 bytes)
Hash
05e3e1b7b913ea0135618df17b15cf3d
af81d8f513ce5e57331b23e7293c24b788d14814
c18f41a6b4367ad833d41ff6686cc8987e5b34961db4ac689834b4c013946ad7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6873e310-18bc-4048-a538-a334095e2630.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3482
x-amzn-requestid: 01bd8674-7772-4df9-a9ab-f4769a77a856
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQQKEMOoAMFZ-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9400-4fa03c782e961da07a7ea339;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:39:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lYZHdOdBQ9Kqvd1HG6uZY20FkoQqm0NeQvgTWCi6LHhIy3qqisF4BQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 21:56:47 GMT
age: 13305
etag: "af81d8f513ce5e57331b23e7293c24b788d14814"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7554f75e4959d216038e95962579e741
10f237248a234544391eb351e97515d385a372b3
cb2bc78887ed330dee49076c04ba87723fdc2a869a124dba2a475cac174480da

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7554f75e4959d216038e95962579e741
10f237248a234544391eb351e97515d385a372b3
cb2bc78887ed330dee49076c04ba87723fdc2a869a124dba2a475cac174480da

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:38:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cellfonecellular.com/wp-includes/css/classic-themes.min.css?ver=1

69.64.71.154

200 OK

217 B

URL HTTP/1.1
cellfonecellular.com/wp-includes/css/classic-themes.min.css?ver=1
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text
Size
217 B (217 bytes)
Hash
95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:33 GMT
Server: Apache
Last-Modified: Tue, 25 Oct 2022 13:45:16 GMT
Accept-Ranges: bytes
Content-Length: 217
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/reeh/?qbot.zip

69.64.71.154

404 Not Found

60 kB

URL HTTP/1.1
cellfonecellular.com/reeh/?qbot.zip
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (9493)
Size
60 kB (59641 bytes)
Hash
cd554d90f8a7fbc00f91f44e8bca3c5c
7d9ea13e63437c866ebb0d3c43eb4e06ce9c94be
987bac9e08325a0045257e7403bd32089288ab975e8bf9d30ed319d31161c3ce

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /reeh/?qbot.zip HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 404 Not Found
Date: Fri, 16 Dec 2022 01:38:32 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://cellfonecellular.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

cellfonecellular.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

69.64.71.154

200 OK

19 kB

URL HTTP/1.1
cellfonecellular.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (15660)
Size
19 kB (18617 bytes)
Hash
32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:34 GMT
Server: Apache
Last-Modified: Tue, 12 Apr 2022 05:56:23 GMT
Accept-Ranges: bytes
Content-Length: 18617
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-content/uploads/elementor/css/post-6.css?ver=1669232261

69.64.71.154

200 OK

28 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/uploads/elementor/css/post-6.css?ver=1669232261
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (14439)
Size
28 kB (27804 bytes)
Hash
0ff3887d99d09e0da2ef14e0b479adb9
014041fa68593de7e022e77d3a62c9a213365b12
0d23f5ab40c7cdee6055840a836b831ba1e09edf66d69d4bf5f919c0c6375ead

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-6.css?ver=1669232261 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:34 GMT
Server: Apache
Last-Modified: Wed, 23 Nov 2022 19:37:41 GMT
Accept-Ranges: bytes
Content-Length: 27804
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-content/uploads/elementor/css/global.css?ver=1669232274

69.64.71.154

200 OK

4.7 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/uploads/elementor/css/global.css?ver=1669232274
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (4749), with no line terminators
Size
4.7 kB (4749 bytes)
Hash
53af61c0b03700292f1177db356d20a4
7ad77fca042b1c2fd6f3d2acd1cfa27a53bd69d4
f7c77868555d54639923b2592eb2b6e7ab710fcc80161df4769f2b18dd5783d2

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/global.css?ver=1669232274 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:34 GMT
Server: Apache
Last-Modified: Wed, 23 Nov 2022 19:37:54 GMT
Accept-Ranges: bytes
Content-Length: 4749
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0

69.64.71.154

200 OK

19 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (19233)
Size
19 kB (19279 bytes)
Hash
d183c598fd582fe997f6782afed84f9b
7799820e0e849e8484543c3360a8d8cc62baa32f
83059e4c1a5c210e5585d96779fe655170817193d43e247c78dffaae7b7ba3a9

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:34 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 16:47:04 GMT
Accept-Ranges: bytes
Content-Length: 19279
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

69.64.71.154

200 OK

95 kB

URL HTTP/1.1
cellfonecellular.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (47826)
Size
95 kB (94889 bytes)
Hash
71d925864153f0edf91037f3d31048e8
cc16a0524ac63b5ce29f703a66412224f0dd771a
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:33 GMT
Server: Apache
Last-Modified: Fri, 11 Nov 2022 14:56:45 GMT
Accept-Ranges: bytes
Content-Length: 94889
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-content/uploads/elementor/css/post-3982.css?ver=1669644288

69.64.71.154

200 OK

15 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/uploads/elementor/css/post-3982.css?ver=1669644288
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (14752), with no line terminators
Size
15 kB (14752 bytes)
Hash
940506b52f26f5801e9b4bb414cc7f9d
5933d0a7cb4022bdcbd74f60286d90e0ad18d0ef
7e316b2d3ad40546bb5029e4c817f20228914f97bfaa2738744161d80f9bb956

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-3982.css?ver=1669644288 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:34 GMT
Server: Apache
Last-Modified: Mon, 28 Nov 2022 14:04:48 GMT
Accept-Ranges: bytes
Content-Length: 14752
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-content/uploads/elementor/css/post-6132.css?ver=1669311563

69.64.71.154

200 OK

3.8 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/uploads/elementor/css/post-6132.css?ver=1669311563
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (3810), with no line terminators
Size
3.8 kB (3810 bytes)
Hash
bde3101fdc0ac82734c3ff2fe55f549a
8a71420bee5bdf1588d1e09f5a73d1e0ddb133e4
39d1bce10a307ed35d1a1b4a2bdaa340c0dc662b44b092fbe6ec91fb0c68fe4f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-6132.css?ver=1669311563 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:34 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 17:39:23 GMT
Accept-Ranges: bytes
Content-Length: 3810
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.css?ver=11.1.2

69.64.71.154

200 OK

11 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.css?ver=11.1.2
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (10755), with no line terminators
Size
11 kB (10755 bytes)
Hash
26421f9c878acb1fd676d5053a2928ae
28bc1fa7e3e1a0901c56e854004d8047629e4b03
e3615fe430b11a0bbd580c5076d0e5edf562597d8a3e851b1aa61280f8ea3897

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.css?ver=11.1.2 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:34 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 17:04:31 GMT
Accept-Ranges: bytes
Content-Length: 10755
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-content/uploads/elementor/css/custom-frontend.min.css?ver=1669232274

69.64.71.154

200 OK

162 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/uploads/elementor/css/custom-frontend.min.css?ver=1669232274
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (65536), with no line terminators
Size
162 kB (161468 bytes)
Hash
025fbf60d16c8cb53214a556d78f5882
0924385fb24c2ade2a9fb83cf262f32cec5fd9bc
07aa88b248702e074910d2e58c79bf8813402d032b8a4a0805c07e8625b867c9

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/custom-frontend.min.css?ver=1669232274 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:34 GMT
Server: Apache
Last-Modified: Wed, 23 Nov 2022 19:37:54 GMT
Accept-Ranges: bytes
Content-Length: 161468
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-content/plugins/dt-the7-core/assets/css/post-type.min.css?ver=2.7.1

69.64.71.154

200 OK

43 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/plugins/dt-the7-core/assets/css/post-type.min.css?ver=2.7.1
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (42763)
Size
43 kB (42851 bytes)
Hash
b56acc93d0aa6ec25dd35d634e78a71d
5052c13c5396c069534411f82750c2b29b144b15
9349f4165642ed216bcb4982eccb977b86f95b2813ffe172afdf6aab317925a2

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/dt-the7-core/assets/css/post-type.min.css?ver=2.7.1 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:34 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 16:47:04 GMT
Accept-Ranges: bytes
Content-Length: 42851
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-content/uploads/the7-css/css-vars.css?ver=d71c4ab93db1

69.64.71.154

200 OK

32 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/uploads/the7-css/css-vars.css?ver=d71c4ab93db1
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text
Size
32 kB (32008 bytes)
Hash
54e4f837d2d5a79ff2f296b9cf9389bd
166c04ffefd5c20df0c50c9d447921ee9e828a58
b87ea124f2b619784e73603e57ae621b054ac404352c206166b540bca379fdee

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/the7-css/css-vars.css?ver=d71c4ab93db1 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:34 GMT
Server: Apache
Last-Modified: Wed, 23 Nov 2022 16:47:29 GMT
Accept-Ranges: bytes
Content-Length: 32008
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-content/uploads/the7-css/media.css?ver=d71c4ab93db1

69.64.71.154

200 OK

77 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/uploads/the7-css/media.css?ver=d71c4ab93db1
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text
Size
77 kB (77226 bytes)
Hash
6d97ee06da2cf0df913f3a5509282e2f
25cb9557fbbfe9b78f5e0fd01615167d997e02c2
05d0a3344b9fa3a3145556b3d4538e5b729fe9c512ff9201eb9cf232614354ad

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/the7-css/media.css?ver=d71c4ab93db1 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:34 GMT
Server: Apache
Last-Modified: Wed, 23 Nov 2022 16:47:30 GMT
Accept-Ranges: bytes
Content-Length: 77226
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-content/themes/dt-the7/css/main.min.css?ver=11.1.2

69.64.71.154

200 OK

247 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/themes/dt-the7/css/main.min.css?ver=11.1.2
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
Unicode text, UTF-8 text, with very long lines (37346)
Size
247 kB (247222 bytes)
Hash
5a86cb43f06955604adfd8fd72570b42
3e3727ffa45f4b8a5cbdeadec17916759068113d
6fb1a69e38a12f128229ce3e2cb88f0b075b10c2afb2b82b9c36e3def5339789

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/dt-the7/css/main.min.css?ver=11.1.2 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:34 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 17:04:30 GMT
Accept-Ranges: bytes
Content-Length: 247222
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-content/uploads/the7-css/the7-elements-albums-portfolio.css?ver=d71c4ab93db1

69.64.71.154

200 OK

23 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/uploads/the7-css/the7-elements-albums-portfolio.css?ver=d71c4ab93db1
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text
Size
23 kB (23284 bytes)
Hash
85bbfa6ab7cb8efff8b466913ac9df13
9be20d6309d59f108abee76ae7148c99bf8b0739
5cf9186c30d241993ff0233aed0f0bdb71d0dc6592dd461715281775d949a26a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/the7-css/the7-elements-albums-portfolio.css?ver=d71c4ab93db1 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:34 GMT
Server: Apache
Last-Modified: Wed, 23 Nov 2022 16:47:30 GMT
Accept-Ranges: bytes
Content-Length: 23284
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-content/uploads/the7-css/custom.css?ver=d71c4ab93db1

69.64.71.154

200 OK

269 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/uploads/the7-css/custom.css?ver=d71c4ab93db1
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text
Size
269 kB (268855 bytes)
Hash
7fb3d2ce89727c525f0771deca6a7e9b
98293303a365b0d276d8c6f563f5852d45cfed4b
a7efe099aa2eaac3fe7a85d7873b438652c5c66de6116765324190ca4befaee1

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/the7-css/custom.css?ver=d71c4ab93db1 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:34 GMT
Server: Apache
Last-Modified: Wed, 23 Nov 2022 16:47:30 GMT
Accept-Ranges: bytes
Content-Length: 268855
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-content/uploads/the7-css/post-type-dynamic.css?ver=d71c4ab93db1

69.64.71.154

200 OK

10 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/uploads/the7-css/post-type-dynamic.css?ver=d71c4ab93db1
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text
Size
10 kB (10169 bytes)
Hash
f49679e69babe2863f3eed6e9fa4e7c4
0b6f952af45f20f8353fade8bedd58da340bc848
7cff8bb381c394cef0f42d608816d7d2c90adc86bcc0c991b2e13c676c514e99

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/the7-css/post-type-dynamic.css?ver=d71c4ab93db1 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:34 GMT
Server: Apache
Last-Modified: Wed, 23 Nov 2022 16:47:30 GMT
Accept-Ranges: bytes
Content-Length: 10169
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-content/themes/dt-the7/style.css?ver=11.1.2

69.64.71.154

200 OK

1.4 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/themes/dt-the7/style.css?ver=11.1.2
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (523)
Size
1.4 kB (1424 bytes)
Hash
44c0a2c17666d2750f4cd38adec4daa7
7d63b323eaab50d8c58161eb74c90779c89f1196
71be3e1ad75a310324a250619e43fbbc884fb9d7e172c24cd660afeb47cab1e5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/dt-the7/style.css?ver=11.1.2 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:34 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 17:04:31 GMT
Accept-Ranges: bytes
Content-Length: 1424
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-content/themes/dt-the7/css/compatibility/elementor/elementor-global.min.css?ver=11.1.2

69.64.71.154

200 OK

36 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/themes/dt-the7/css/compatibility/elementor/elementor-global.min.css?ver=11.1.2
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (36157), with no line terminators
Size
36 kB (36157 bytes)
Hash
563bb897df9945581b34d3a8fd9872ea
599bc3eca5cef6efd822657fe9aa4e8374dd50da
858ac0564fa50e8ac42ae4a810a73809beef688dc296fb8fd711be24e52951f3

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/dt-the7/css/compatibility/elementor/elementor-global.min.css?ver=11.1.2 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:35 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 17:04:30 GMT
Accept-Ranges: bytes
Content-Length: 36157
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-content/uploads/elementor/custom-icons/the7-feather/style.css?ver=1.0.0

69.64.71.154

200 OK

14 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/uploads/elementor/custom-icons/the7-feather/style.css?ver=1.0.0
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (13549), with no line terminators
Size
14 kB (13549 bytes)
Hash
146b2b3d553296b9931d54134ebcf595
1bfab053c16efc05a10d8b6fc93a26dbdd30b326
38cc2d3b499611ef3b4241f05f2488760e1beb6876c8f0171b81c4a155252f3f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/custom-icons/the7-feather/style.css?ver=1.0.0 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:35 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 16:47:09 GMT
Accept-Ranges: bytes
Content-Length: 13549
Content-Disposition: attachment
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3

69.64.71.154

200 OK

58 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (57726)
Size
58 kB (57912 bytes)
Hash
eeb705d0bdccfd645d3bbd46dd1fbab3
066def290f42ed8c00860e573cc880bd46e9ced4
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:35 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 16:47:04 GMT
Accept-Ranges: bytes
Content-Length: 57912
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3

69.64.71.154

200 OK

669 B

URL HTTP/1.1
cellfonecellular.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (483)
Size
669 B (669 bytes)
Hash
9eb2d3c87feb6bb2ffa63b70532b1477
38f226335a05ab0e30497bc7419eb5e243a9e26c
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:35 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 16:47:04 GMT
Accept-Ranges: bytes
Content-Length: 669
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

69.64.71.154

200 OK

90 kB

URL HTTP/1.1
cellfonecellular.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (65447)
Size
90 kB (89684 bytes)
Hash
17738318d61d394f1de8890d589afaec
f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:35 GMT
Server: Apache
Last-Modified: Mon, 19 Sep 2022 14:16:24 GMT
Accept-Ranges: bytes
Content-Length: 89684
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

69.64.71.154

200 OK

11 kB

URL HTTP/1.1
cellfonecellular.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (11126)
Size
11 kB (11224 bytes)
Hash
79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:35 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-content/themes/dt-the7/js/above-the-fold.min.js?ver=11.1.2

69.64.71.154

200 OK

13 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/themes/dt-the7/js/above-the-fold.min.js?ver=11.1.2
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
Unicode text, UTF-8 text, with very long lines (2772)
Size
13 kB (12713 bytes)
Hash
c651c9d189aec3025648ab5a4a143702
29cb8cfbc901402ac6b0d2f45d3683bc358e08f3
fb7fbfb50310397a5df8716772c7938bc765eaf1bd8108c5225f78b14581eb22

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/dt-the7/js/above-the-fold.min.js?ver=11.1.2 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:35 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 17:04:31 GMT
Accept-Ranges: bytes
Content-Length: 12713
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-content/themes/dt-the7/css/compatibility/elementor/the7-vertical-menu-widget.min.css?ver=11.1.2

69.64.71.154

200 OK

8.9 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/themes/dt-the7/css/compatibility/elementor/the7-vertical-menu-widget.min.css?ver=11.1.2
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (8901), with no line terminators
Size
8.9 kB (8901 bytes)
Hash
1747c634087669180cf6a79e0b501dd7
fed14828527fa13b6f6808e19f9f0b449bd209aa
a8b8ebb3a0bad27fc7a19d2c5ca0cb5c7f60b7e47ecefbb1cad695827ac8ba6e

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/dt-the7/css/compatibility/elementor/the7-vertical-menu-widget.min.css?ver=11.1.2 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:35 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 17:04:30 GMT
Accept-Ranges: bytes
Content-Length: 8901
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.5

69.64.71.154

200 OK

58 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.5
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
Unicode text, UTF-8 text, with very long lines (12602)
Size
58 kB (58260 bytes)
Hash
094ecbb344f63a3ae1bf64fe29d87c7d
4811fbb7511a15d5802978079d8ff4f911484a5e
95f59f9a4a19697496edc01bb55011ea4056f90625cc816a7f18256f056a6258

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.5 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:35 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 16:47:04 GMT
Accept-Ranges: bytes
Content-Length: 58260
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1

69.64.71.154

200 OK

18 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (10019)
Size
18 kB (18468 bytes)
Hash
4601ba55044413706c2022cb6c1c3d05
5103ec2fbb389568ebf5cfe4fd721f3df2ff7aec
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:35 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 16:47:04 GMT
Accept-Ranges: bytes
Content-Length: 18468
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css

cellfonecellular.com/wp-content/themes/dt-the7/lib/jquery-mousewheel/jquery-mousewheel.min.js?ver=11.1.2

69.64.71.154

200 OK

2.7 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/themes/dt-the7/lib/jquery-mousewheel/jquery-mousewheel.min.js?ver=11.1.2
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (2615)
Size
2.7 kB (2705 bytes)
Hash
ca4fc18d3aa41a0e4ca31c875b1f93c6
57f848a86bdfddffe192f1049f1a3400d55c0e28
9c7f5f11ea09af1edcc1a9033075fc3de8d28a1675503169f857b2211c8d8545

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/dt-the7/lib/jquery-mousewheel/jquery-mousewheel.min.js?ver=11.1.2 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:35 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 17:04:31 GMT
Accept-Ranges: bytes
Content-Length: 2705
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-content/themes/dt-the7/js/main.min.js?ver=11.1.2

69.64.71.154

200 OK

338 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/themes/dt-the7/js/main.min.js?ver=11.1.2
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (47989)
Size
338 kB (338217 bytes)
Hash
9e23e5e74c3d27f3d6fb27d66feb927f
877b723f3ec175f3018bd543a48c3e587cc82207
a72b9bfecce798c49d2bb8679d16b8db2a3d84c47e4c2bbacfcf73dc23413fdf

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/dt-the7/js/main.min.js?ver=11.1.2 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:35 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 17:04:31 GMT
Accept-Ranges: bytes
Content-Length: 338217
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.js?ver=11.1.2

69.64.71.154

200 OK

40 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.js?ver=11.1.2
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (40085), with no line terminators
Size
40 kB (40085 bytes)
Hash
0201925438ef5e8d808c5a4aae483af2
7fac1f6d9d64a46203fd652cfa429be67b518198
5e8a1efa7ed75ccecd7b1daa15fbdb97fe1a730dddcd36e65a714d4811b31238

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.js?ver=11.1.2 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:35 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 17:04:31 GMT
Accept-Ranges: bytes
Content-Length: 40085
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.5

69.64.71.154

200 OK

165 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.5
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (45047)
Size
165 kB (165339 bytes)
Hash
0a7176e860c4303f557950b75fb8a898
c292eb1b902ed06fccd65a684d6b311e1290caa9
c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.5 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:35 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 16:47:04 GMT
Accept-Ranges: bytes
Content-Length: 165339
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.5

69.64.71.154

200 OK

407 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.5
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (64288)
Size
407 kB (407331 bytes)
Hash
b0ac07a6918661e5116d67cb7d7a1c2b
94e6f307e5605d36dda6db9abfbb7b740cfadaa6
7b7d5a7040c734484063484276d1643c07c1d8a88c2e4c54818bb6d5fedfd18d

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.5 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:35 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 16:47:04 GMT
Accept-Ranges: bytes
Content-Length: 407331
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1

69.64.71.154

200 OK

5.0 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (4918)
Size
5.0 kB (4957 bytes)
Hash
562ad59077018eb139d1f46afd69a050
d33c188f7d0f306b8a0ede1e3b67a0edb7be8966
f6eb858ead7f15dcd18541c5433714e0c0966d81b8d009a2d49e5a181e548fbb

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:35 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 16:47:04 GMT
Accept-Ranges: bytes
Content-Length: 4957
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-content/plugins/pro-elements/assets/js/webpack-pro.runtime.min.js?ver=3.8.0

69.64.71.154

200 OK

5.2 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/plugins/pro-elements/assets/js/webpack-pro.runtime.min.js?ver=3.8.0
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (5191)
Size
5.2 kB (5233 bytes)
Hash
8c57bbe43bae29ddf6c36964720bc2f0
0381471e2558b50fddfe622a5f2ea8d8d19c5570
02c666016310320843f18a22ed9638af0d5d05f11344110ceeb8a56c544a8655

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/pro-elements/assets/js/webpack-pro.runtime.min.js?ver=3.8.0 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:35 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 16:47:04 GMT
Accept-Ranges: bytes
Content-Length: 5233
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-content/themes/dt-the7/js/compatibility/elementor/the7-vertical-menu.min.js?ver=11.1.2

69.64.71.154

200 OK

3.2 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/themes/dt-the7/js/compatibility/elementor/the7-vertical-menu.min.js?ver=11.1.2
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (3159), with no line terminators
Size
3.2 kB (3159 bytes)
Hash
0db0720b9e690747325cfdb15973b34d
945681f0ab8068c12ae7a959d28ab62c6d99c865
79d4f5719a7469bd3216f56f31f5b9332a941f05049c61de5101c82ca4a846bd

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/dt-the7/js/compatibility/elementor/the7-vertical-menu.min.js?ver=11.1.2 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:35 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 17:04:31 GMT
Accept-Ranges: bytes
Content-Length: 3159
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-content/plugins/dt-the7-core/assets/js/post-type.min.js?ver=2.7.1

69.64.71.154

200 OK

27 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/plugins/dt-the7-core/assets/js/post-type.min.js?ver=2.7.1
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (26727), with no line terminators
Size
27 kB (26727 bytes)
Hash
35e029aa8b7a8ce2fe14ea989b928b09
428ee3cd68821fbf8761d2eed9fcd5ac82fbbc9e
34fbe01a406b8f5ac1f9a8ea25aedb6820e1eefd502c1cc56433e3963efbbaad

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/dt-the7-core/assets/js/post-type.min.js?ver=2.7.1 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:35 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 16:47:04 GMT
Accept-Ranges: bytes
Content-Length: 26727
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1

69.64.71.154

200 OK

33 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
Unicode text, UTF-8 text, with very long lines (32907)
Size
33 kB (32947 bytes)
Hash
48b7a16ab38005edf9c9964313ce1cd7
8b8569d937aac61fd792b6c68fca974e3cdd94ab
5d80f13fd7524318f81eb1301170d4d0fbee242c12403c01f3a06c9f681192c7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:36 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 16:47:04 GMT
Accept-Ranges: bytes
Content-Length: 32947
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5

69.64.71.154

200 OK

4.9 kB

URL HTTP/1.1
cellfonecellular.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (4875)
Size
4.9 kB (4910 bytes)
Hash
b33ab4d5dcf02436276a717e9d1b7c18
f47b9a9c41b3b11c9dffabca22945727c3ec6566
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:36 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 12:04:30 GMT
Accept-Ranges: bytes
Content-Length: 4910
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae

69.64.71.154

200 OK

10 kB

URL HTTP/1.1
cellfonecellular.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
data
Size
10 kB (10230 bytes)
Hash
8cd696505481e74ffee89b4995f37379
ee9aad199ef2bc60a3460f4c52f37d22907b2ec9
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:36 GMT
Server: Apache
Last-Modified: Fri, 23 Sep 2022 19:55:30 GMT
Accept-Ranges: bytes
Content-Length: 10230
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

69.64.71.154

200 OK

18 kB

URL HTTP/1.1
cellfonecellular.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Size
18 kB (17823 bytes)
Hash
e495a4709e3eae31c67f8263f25d2d39
d43ba6a092e4823a71f3bff75d5ed279a481636b
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:36 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 15:43:29 GMT
Accept-Ranges: bytes
Content-Length: 17823
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

69.64.71.154

200 OK

6.5 kB

URL HTTP/1.1
cellfonecellular.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (6475), with no line terminators
Size
6.5 kB (6475 bytes)
Hash
61449413a42d2daaa79dbe7298b40e21
d86c474164c603084397bdc50fb0e469d28b5772
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:36 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 12:04:30 GMT
Accept-Ranges: bytes
Content-Length: 6475
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-content/plugins/pro-elements/assets/js/frontend.min.js?ver=3.8.0

69.64.71.154

200 OK

22 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/plugins/pro-elements/assets/js/frontend.min.js?ver=3.8.0
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (21624)
Size
22 kB (21666 bytes)
Hash
453af4946d83f4e8d02d574a5e0037df
a52233f3e3a957e3851c80bf7a28e712c2928973
586b3577333da1fb1a4c4a32022c3fd3e5c28758770dbae1c2a1ecc2bf4dc2f1

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/pro-elements/assets/js/frontend.min.js?ver=3.8.0 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:36 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 16:47:04 GMT
Accept-Ranges: bytes
Content-Length: 21666
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

69.64.71.154

200 OK

12 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (12198), with no line terminators
Size
12 kB (12198 bytes)
Hash
3819c3569da71daec283a75483735f7e
ecd40a5cc6f0b76200c454ca880210dc301cfab8
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:36 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 16:47:04 GMT
Accept-Ranges: bytes
Content-Length: 12198
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

fonts.googleapis.com/css?family=Manrope%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CComfortaa%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1

142.250.74.106

200 OK

26 kB

URL HTTP/2
fonts.googleapis.com/css?family=Manrope%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CComfortaa%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
26 kB (25738 bytes)
Hash
e8e141dc2017605bde4d80c4b48f8e55
2856a8563e90b2b372489a5431c54e395d37432c
1477ddba82cd289b15ea2752d893b219deb744d18139d869f14ba1220fa814d2

HTTP Headers

GET /css?family=Manrope%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CComfortaa%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Dec 2022 01:38:33 GMT
date: Fri, 16 Dec 2022 01:38:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cellfonecellular.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

69.64.71.154

200 OK

21 kB

URL HTTP/1.1
cellfonecellular.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
21 kB (21440 bytes)
Hash
034bd11ecaf6fb9240d905245e42e202
ff136c394ed95badfc0107fb98a890dcff642828
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:36 GMT
Server: Apache
Last-Modified: Fri, 23 Sep 2022 19:55:30 GMT
Accept-Ranges: bytes
Content-Length: 21440
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1

69.64.71.154

200 OK

40 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (40474)
Size
40 kB (40513 bytes)
Hash
2331d602370faa61829c8aa628996c7d
e097dda010d924637e9c9f906be7653ae2d29343
5ceb0c2088d29cecbe3ee571dc3cf6fec764bbb7c73f0e22c73007149a2ce68d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:36 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 16:47:04 GMT
Accept-Ranges: bytes
Content-Length: 40513
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-includes/js/wp-util.min.js?ver=6.1.1

69.64.71.154

200 OK

1.4 kB

URL HTTP/1.1
cellfonecellular.com/wp-includes/js/wp-util.min.js?ver=6.1.1
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (1391)
Size
1.4 kB (1426 bytes)
Hash
19d386c9004e54941c1cc61d357efa5d
0a77594006c8d86fdcc0adbc2b9aecaef3869586
3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:36 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 03:52:10 GMT
Accept-Ranges: bytes
Content-Length: 1426
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-includes/js/underscore.min.js?ver=1.13.4

69.64.71.154

200 OK

19 kB

URL HTTP/1.1
cellfonecellular.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (18798)
Size
19 kB (18833 bytes)
Hash
f88d5720bb454ed5d204cbdb56901f6b
f1952292fde4b15936e9aac16b2b9896684db95b
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:36 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 15:18:25 GMT
Accept-Ranges: bytes
Content-Length: 18833
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-content/plugins/wpforms/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7.2

69.64.71.154

200 OK

754 B

URL HTTP/1.1
cellfonecellular.com/wp-content/plugins/wpforms/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7.2
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (754), with no line terminators
Size
754 B (754 bytes)
Hash
afb55c29bdbcfc262d9fa56743572cad
d4b6cb9df2b1b5477cd968fb05cf5faa1d13d6bf
c30dab20b677f2b13f42a4a04385a3c6d380fa023a4a1c32f45f2996e152bfba

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpforms/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7.2 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:36 GMT
Server: Apache
Last-Modified: Wed, 23 Nov 2022 18:52:50 GMT
Accept-Ranges: bytes
Content-Length: 754
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-content/uploads/elementor/css/custom-pro-frontend.min.css?ver=1669232274

69.64.71.154

200 OK

494 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/uploads/elementor/css/custom-pro-frontend.min.css?ver=1669232274
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (65536), with no line terminators
Size
494 kB (494489 bytes)
Hash
4950bbe9b8ab543070602fb91341b7dc
49b5b81085e848e20c6b86d78520da3239612b33
d7a0db15c4e9c64fad1bd98289c4d3a89878857602297ecb9c9eee29f39eef62

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/custom-pro-frontend.min.css?ver=1669232274 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:34 GMT
Server: Apache
Last-Modified: Wed, 23 Nov 2022 19:37:54 GMT
Accept-Ranges: bytes
Content-Length: 494489
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e709a04ea80113c435ca4f9d37e93e7
053f34d74eded192d698bb20956897ec3e3ad23b
2535554bd9d9004c7888cde496278d847002218fb1d35a3d4bacdd98c8a92ff9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:38:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e709a04ea80113c435ca4f9d37e93e7
053f34d74eded192d698bb20956897ec3e3ad23b
2535554bd9d9004c7888cde496278d847002218fb1d35a3d4bacdd98c8a92ff9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:38:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e709a04ea80113c435ca4f9d37e93e7
053f34d74eded192d698bb20956897ec3e3ad23b
2535554bd9d9004c7888cde496278d847002218fb1d35a3d4bacdd98c8a92ff9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:38:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e709a04ea80113c435ca4f9d37e93e7
053f34d74eded192d698bb20956897ec3e3ad23b
2535554bd9d9004c7888cde496278d847002218fb1d35a3d4bacdd98c8a92ff9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:38:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/manrope/v13/xn7gYHE41ni1AdIRggexSg.woff2

216.58.207.227

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/manrope/v13/xn7gYHE41ni1AdIRggexSg.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 24328, version 1.0\012- data
Size
24 kB (24328 bytes)
Hash
e85a0263f681aafb7837205b6b0baaa8
d2c7aa9f963a65ad0ce6f969018ca569c3a81cc3
a3c9bb0126992129d561e6615234943f04520c69bdba33205c935ca70414c2ef

HTTP Headers

GET /s/manrope/v13/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cellfonecellular.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Dec 2022 22:38:19 GMT
expires: Sun, 10 Dec 2023 22:38:19 GMT
cache-control: public, max-age=31536000
age: 442818
last-modified: Mon, 11 Jul 2022 19:14:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/comfortaa/v40/1Ptsg8LJRfWJmhDAuUs4TYFq.woff2

216.58.207.227

200 OK

29 kB

URL HTTP/2
fonts.gstatic.com/s/comfortaa/v40/1Ptsg8LJRfWJmhDAuUs4TYFq.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 28712, version 1.0\012- data
Size
29 kB (28712 bytes)
Hash
1520051846f9dcefc38cdb90fc8b3456
057acb7bd46dfcf39244fb3582d560d98425e444
d3295fbcef086eb975b0fdcc4b929f0c59d4daf848dba6982a6aa915eb3011e0

HTTP Headers

GET /s/comfortaa/v40/1Ptsg8LJRfWJmhDAuUs4TYFq.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cellfonecellular.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 18:45:07 GMT
expires: Wed, 13 Dec 2023 18:45:07 GMT
cache-control: public, max-age=31536000
age: 197610
last-modified: Fri, 24 Jun 2022 19:20:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6eab05ad76b8e184bcfc74c40f7e3278
ea5548fe4b2d46ecc6659c0bb6197119d67442a1
124bf9140ccdb6cfdcde9939aea5c60ee478ad64e5e3fde620257860df22bb8b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:38:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cellfonecellular.com/wp-content/uploads/2022/11/logo-wide-1.png

69.64.71.154

200 OK

25 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/uploads/2022/11/logo-wide-1.png
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
PNG image data, 831 x 187, 8-bit/color RGBA, non-interlaced\012- data
Size
25 kB (24566 bytes)
Hash
cc6b174cb37b96eda99b5d4501940480
444a3801474bca158df044e347a0bc353450dcd1
60eb04dfb917aee41c8662f9b1575d26add3aa8caa587e57643ed2255d59464c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/11/logo-wide-1.png HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:37 GMT
Server: Apache
Last-Modified: Wed, 23 Nov 2022 16:52:45 GMT
Accept-Ranges: bytes
Content-Length: 24566
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png

cellfonecellular.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0

69.64.71.154

200 OK

11 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
ASCII text, with very long lines (10544)
Size
11 kB (10682 bytes)
Hash
4eee50ac6f4f364ba3a284d0753ddae3
a8e7e824e6824ae0b370ff36e2c07ca07276fae0
b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:38 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 16:47:04 GMT
Accept-Ranges: bytes
Content-Length: 10682
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript

cellfonecellular.com/wp-content/uploads/elementor/custom-icons/the7-feather/fonts/the7-feather.ttf?n6tk6x

69.64.71.154

200 OK

75 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/uploads/elementor/custom-icons/the7-feather/fonts/the7-feather.ttf?n6tk6x
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, the7-feather\012- data
Size
75 kB (75092 bytes)
Hash
000709b520406cfc0ff51a1b24c72dc0
3a2aacf8e6d6c14718238821cfe811e416cc5b31
c2962438c8ec7a7c2ed1da1463b9b6d197b6dc2542bd9167aaf36793c14eeb11

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/custom-icons/the7-feather/fonts/the7-feather.ttf?n6tk6x HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/wp-content/uploads/elementor/custom-icons/the7-feather/style.css?ver=1.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:37 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 16:47:09 GMT
Accept-Ranges: bytes
Content-Length: 75092
Content-Disposition: attachment
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/ttf

cellfonecellular.com/wp-content/uploads/2022/11/webicon-150x150.png

69.64.71.154

200 OK

14 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/uploads/2022/11/webicon-150x150.png
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (13645 bytes)
Hash
9ad393abe166be4f97d2d37b965673a5
ff93a3388a881bf67c14d3fbdf7e1cf5e1b16fc6
02ba04c6362fcfd325e961c177883e2d9f4df1fc38d2c51e447071f1e84b2107

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/11/webicon-150x150.png HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:38 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 16:56:33 GMT
Accept-Ranges: bytes
Content-Length: 13645
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png

cellfonecellular.com/wp-content/uploads/2022/11/webicon-300x300.png

69.64.71.154

200 OK

43 kB

URL HTTP/1.1
cellfonecellular.com/wp-content/uploads/2022/11/webicon-300x300.png
IP
69.64.71.154:0
ASN
#18501 CODERO-DFW

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
43 kB (43229 bytes)
Hash
33c7d0943039e6c6edb752a007b8e434
f7ca2035e6af55ee189710e69f5b70414e4b355a
867a22eb15a0d42e0e9995eaade548018d5ac711a655937ad24ebc0dfe26ad63

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/11/webicon-300x300.png HTTP/1.1
Host: cellfonecellular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cellfonecellular.com/reeh/?qbot.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:38:38 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 16:56:33 GMT
Accept-Ranges: bytes
Content-Length: 43229
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (38)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations