Report - feedbak.site/q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/

Report Overview

Visited public
2024-09-24 13:32:17
Tags
paypal phishing financial
Submit Tags
URL
feedbak.site/q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/
Finishing URL
feedbak.site/q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/
IP / ASN
104.26.15.146
#13335 CLOUDFLARENET
Title
Log in to your PayPal account
Phishing - PayPal

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-09-24 01:59:52	327 B	888 B	23.36.76.226
lp.cybeready.net	unknown	2014-01-26	2015-12-30 09:46:43	2024-09-24 01:29:11	2.6 kB	26 kB	104.26.8.233
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-24 01:59:52	1.3 kB	3.6 kB	23.36.76.226
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2024-09-24 01:55:20	887 B	33 kB	104.17.24.14
feedbak.site	unknown	2024-02-29	2024-03-04 04:38:58	2024-09-24 01:04:52	1.3 kB	1.3 kB	104.26.15.146

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-09-23	medium	feedbak.site/q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/	PayPal Inc.
2024-09-23	medium	feedbak.site/q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/	PayPal Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	feedbak.site/q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/	ScriptElement	63 B	2024-09-28	2024-09-28
Pretty URL feedbak.site/q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/ IP 104.26.15.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-28 08:02 Last Seen2024-09-28 08:02 Times Seen1 Hash a46f12118c52d0eed00393b8229ddf35 bd71c623d7bd93e29479b219d7d81451fd0e82f8 5b350d815586e77df82521c9d42c9e1fd2577b775fbb90972b69cbc25f8e4f9e Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js	ScriptElement	84 kB	2023-03-07	2025-07-05
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14 Last Seen2025-07-05 01:42 Times Seen7182 Hash 7f9fb969ce353c5d77707836391eb28d 62c4042e9ebc691a5372d653b424512a561d1670 2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515 Loading...

	lp.cybeready.net/common/landing-page.js	ScriptElement	4.0 kB	2023-03-07	2025-05-29
Pretty URL lp.cybeready.net/common/landing-page.js IP 104.26.8.233 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02 Last Seen2025-05-29 08:44 Times Seen383 Hash ac5716b9ccc0d5eb31e94d8c873227d4 39ed1b79df1f4a7eedc7f245f0cabb0618246951 633d39e293d4a1e9f9c461323d6d3913f3ee51ab8cc901e4c45356cf022634ca Loading...

	lp.cybeready.net/Forms/PayPal/validator.js	ScriptElement	1.1 kB	2023-03-07	2024-12-01
Pretty URL lp.cybeready.net/Forms/PayPal/validator.js IP 104.26.8.233 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02 Last Seen2024-12-01 12:18 Times Seen54 Hash 1448c3a991e62585f8c174abff32a01b ae3baf9c6c916e31f1d47600c6b3ff777ec2a4e5 52227d0b9b14b5ea88d3a9cde57e33bf433bf470ce5fa0d7d25880b65acd4b30 Loading...

HTTP Transactions (15)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
72e206e9b89445fb2fb4031a6abe6169
a18bebfb86a71685bd817c15e348cfb5ea438c72
856f85441e043130f88668be6cf68110187856f17999bddc4332437d383c79b6

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "856F85441E043130F88668BE6CF68110187856F17999BDDC4332437D383C79B6"
Last-Modified: Mon, 23 Sep 2024 09:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9565
Expires: Tue, 24 Sep 2024 16:11:16 GMT
Date: Tue, 24 Sep 2024 13:31:51 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
6780a68358a1edeb14adb35ac0d10a26
19fc8499ddeb5e2debb1850bd1a4f9512403ddfe
4527b467c07ac0e3bb078a9d28a20622d18fe2df334e84cefa5affe767fb0b77

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4527B467C07AC0E3BB078A9D28A20622D18FE2DF334E84CEFA5AFFE767FB0B77"
Last-Modified: Tue, 24 Sep 2024 05:42:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10958
Expires: Tue, 24 Sep 2024 16:34:29 GMT
Date: Tue, 24 Sep 2024 13:31:51 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c6c7d535128f9eb2ec6dcd3d7d62919a
5aaa50926b462ccfc32d84db180a9af68e4d6b46
d498f9efc3307515c07f69fe4e630319e60c13d37700b7f35297c9b8d442b690

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "D498F9EFC3307515C07F69FE4E630319E60C13D37700B7F35297C9B8D442B690"
Last-Modified: Sun, 22 Sep 2024 14:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13299
Expires: Tue, 24 Sep 2024 17:13:31 GMT
Date: Tue, 24 Sep 2024 13:31:52 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
8ab80371465a057b549a046eb6f97853
0ccf179fc8a2f02fc91bdb73161837daf6f5c08a
e8d786bfe63e0db6078c37a721dcd2c244ca27d70e5ecc8d99ccea1755073729

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E8D786BFE63E0DB6078C37A721DCD2C244CA27D70E5ECC8D99CCEA1755073729"
Last-Modified: Sun, 22 Sep 2024 14:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10065
Expires: Tue, 24 Sep 2024 16:19:37 GMT
Date: Tue, 24 Sep 2024 13:31:52 GMT
Connection: keep-alive

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

104.17.24.14

200 OK

4.4 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://feedbak.site/q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:EC:C6:E9:D9:C1:6D:05:88:6E:33:AF:3B:E7:7B:86:81:20:66:CA
ValidityWed, 31 Jul 2024 04:16:10 GMT - Tue, 29 Oct 2024 04:16:09 GMT

File type
ASCII text, with very long lines (23577)
Size
4.4 kB (4364 bytes)
Hash
04425bbdc6243fc6e54bf8984fe50330
8c15c6bd82c71e9ef1bb11cf24e502fe07518ac5
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

HTTP Headers

GET /ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://feedbak.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Sep 2024 13:31:53 GMT
content-type: text/css; charset=utf-8
content-length: 4364
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65993750-110c"
last-modified: Sat, 06 Jan 2024 12:19:44 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1616312
expires: Sun, 14 Sep 2025 13:31:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2FwtmNsWfWme1zkWtXqeqKzRIlTqx3x2GoH6XUl3pYkknbxDFL1hpL91owOwfWnfO0%2BvNeUykk5NxUUvrA8aKmjPULFcznsA56YoK2c1HC8CG%2BUpiGSmMtGyoGe4kb2ptqPFNYMa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8c8323296a2c7130-OSL
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

104.17.24.14

200 OK

27 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://feedbak.site/q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:EC:C6:E9:D9:C1:6D:05:88:6E:33:AF:3B:E7:7B:86:81:20:66:CA
ValidityWed, 31 Jul 2024 04:16:10 GMT - Tue, 29 Oct 2024 04:16:09 GMT

File type
JavaScript source, ASCII text, with very long lines (32180)
Size
27 kB (26660 bytes)
Hash
7f9fb969ce353c5d77707836391eb28d
62c4042e9ebc691a5372d653b424512a561d1670
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

HTTP Headers

GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://feedbak.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Sep 2024 13:31:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 26660
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14983"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7013635
expires: Sun, 14 Sep 2025 13:31:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IUXISUf7pBH5Ogcclbrk7kvexQooadzmuFBlDZ2D3%2FUK8YuJMytIMeW1ke5uMwGKK7DKpcOJqxcdTuKSgxQaJ066dIA8BPs8MYoPvQd9Wm8JvUtl0b2Ni0BuEKgEaZy5SEcIh0cy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8c8323299a7c7130-OSL
X-Firefox-Spdy: h2

GET feedbak.site/q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/

104.26.15.146

200 OK

0 B

URL User Request GET HTTP/2
feedbak.site/q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/
IP
104.26.15.146:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectfeedbak.site
Fingerprint33:85:B0:74:D2:A0:15:EB:F0:DB:8B:11:C9:7D:A2:FB:46:5B:3D:E6
ValiditySat, 24 Aug 2024 17:14:55 GMT - Fri, 22 Nov 2024 17:14:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - PayPal
OpenPhish	phishing	PayPal Inc.

HTTP Headers

POST /q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/ HTTP/1.1
Host: feedbak.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: json
X-Requested-With: XMLHttpRequest
Content-Length: 65
Origin: https://feedbak.site
DNT: 1
Connection: keep-alive
Referer: https://feedbak.site/q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/
Cookie: requestid=dec18153ac635394b7fefdb89985625e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 24 Sep 2024 13:31:53 GMT
content-type: application/octet-stream
content-length: 0
set-cookie: requestid=bd959c104ce24e3810ea83494e15e067
requestid=3083d777277774c09788d991ed99104a
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=acXaMBiPanNY3XrBUYolR0QqpN7OdLooDSzfMuI3fP9SjXVIxedL0x%2Bu9Bz2T6gdqzN%2FfuJwVfPJJuFyrxZHR83Ppss4kbcYWZ59OWQvDJJrdrwoLK1UluWTvR9v4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c83232ba9920bbc-AMS
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
f73ceff12b564e1c2296d475e9ba8906
928a54dec8f9924f62e8b6424267120d99b37a06
c4c3c75c09d25b08b9d911ca0138f3a1319b5e35e06a670b285c1806e6069bd6

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C4C3C75C09D25B08B9D911CA0138F3A1319B5E35E06A670B285C1806E6069BD6"
Last-Modified: Tue, 24 Sep 2024 13:17:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20971
Expires: Tue, 24 Sep 2024 19:21:25 GMT
Date: Tue, 24 Sep 2024 13:31:54 GMT
Connection: keep-alive

GET lp.cybeready.net/Forms/PayPal/favicon.ico

104.26.8.233

8.0 kB

URL GET
lp.cybeready.net/Forms/PayPal/favicon.ico
IP
104.26.8.233:0
ASN
#13335 CLOUDFLARENET

Requested by
https://feedbak.site/q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
Fingerprint30:A1:72:A7:01:7E:AF:07:FB:0E:0D:F8:62:9C:83:6E:8C:DC:05:09
ValidityMon, 12 Aug 2024 21:43:45 GMT - Sun, 10 Nov 2024 21:43:44 GMT

File type
MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel
Size
8.0 kB (8022 bytes)
Hash
e1528b5176081f0ed963ec8397bc8fd3
ff60afd001e924511e9b6f12c57b6bf26821fc1e
1690c4e20869c3763b7fc111e2f94035b0a7ee830311dd680ac91421daad3667

HTTP Headers

GET /Forms/PayPal/favicon.ico HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://feedbak.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 24 Sep 2024 13:31:53 GMT
content-type: image/x-icon
x-amz-id-2: IKME7YFo08+IEZbbllkqE1K6HfQuY0dp/lO+1vbLzx6+2yIF8WWgQhFv7qTDvMAS7k1vtgJiNh4=
x-amz-request-id: TBKDYYSFTD8P2X07
last-modified: Mon, 08 Feb 2016 14:39:42 GMT
etag: W/"e1528b5176081f0ed963ec8397bc8fd3"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4461
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NuWJbYUfMspNZ%2Fc9M6rwypYaZKdC6f1yJ%2BKTJo7lAurMSdJ90ppQe%2BH9uTI7JnJlNloKa9OXy7MKNtB0KwqpxUoaaL1l6QCINU7fJsNYPhWkCQrcrEgKIgBvD%2BZsLDRhY2g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c83232c2c990a4b-AMS
content-encoding: br
X-Firefox-Spdy: h2

GET feedbak.site/q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/

104.26.15.146

200 OK

0 B

URL User Request GET HTTP/2
feedbak.site/q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/
IP
104.26.15.146:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectfeedbak.site
Fingerprint33:85:B0:74:D2:A0:15:EB:F0:DB:8B:11:C9:7D:A2:FB:46:5B:3D:E6
ValiditySat, 24 Aug 2024 17:14:55 GMT - Fri, 22 Nov 2024 17:14:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - PayPal
OpenPhish	phishing	PayPal Inc.

HTTP Headers

POST /q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/ HTTP/1.1
Host: feedbak.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: json
X-Requested-With: XMLHttpRequest
Content-Length: 109
Origin: https://feedbak.site
DNT: 1
Connection: keep-alive
Referer: https://feedbak.site/q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/
Cookie: requestid=3083d777277774c09788d991ed99104a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 24 Sep 2024 13:32:15 GMT
content-type: application/octet-stream
content-length: 0
set-cookie: requestid=4fa93a57a57c94d361ff6df4d606434d
requestid=f628ea055cfd34d4d888862c90386eae
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SsPG8uIhlp4kRdX%2Fl%2FhvTWCmTuZ0IwNnhlnKCbNPStWrCznTovBwZVqfNwGnwP3aHCOIDGJ3DzXVUo6l%2BhTV4mvRQa9ek27uxX4PYjL6vbZgGWkqB%2BULiQvnMksClg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c8323b31fef0bbc-AMS
X-Firefox-Spdy: h2

GET lp.cybeready.net/Forms/PayPal/validator.js

104.26.8.233

200 OK

1.1 kB

URL GET HTTP/2
lp.cybeready.net/Forms/PayPal/validator.js
IP
104.26.8.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://feedbak.site/q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
Fingerprint30:A1:72:A7:01:7E:AF:07:FB:0E:0D:F8:62:9C:83:6E:8C:DC:05:09
ValidityMon, 12 Aug 2024 21:43:45 GMT - Sun, 10 Nov 2024 21:43:44 GMT

File type
ASCII text, with very long lines (1160), with no line terminators
Size
1.1 kB (1143 bytes)
Hash
7605d25ce5a7a6373a8aa72efdbc39c8
7c6a84ece921b27f6beac7b36b4cd9a3055f92b4
d8420a15e540198b056eb38d0ef570edae9abb97672bff9a61a2b2f9d05847bd

HTTP Headers

GET /Forms/PayPal/validator.js HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://feedbak.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Sep 2024 13:31:53 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1571
etag: W/"9949956ba262baa1705fbd6f66989fe1"
last-modified: Mon, 08 Feb 2016 14:40:12 GMT
x-amz-id-2: mr9SFxQdYh9VPc1HQLXZerdADRvu3xQ2dJiKQIYZiAZJ/QQtgmkEhQOrW1qReYLgRG06hArqB3Y=
x-amz-request-id: 35T73AJ6YQC2R66G
cache-control: max-age=14400
cf-cache-status: HIT
age: 4849
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z11Kkj9L8aziOtHGWmV1tsIPwooP1jFxko1b%2F3iLcNlP5K1GYdE4K64Yh6hirXj3nqxkAtaTwGTfQTZqwH0X7bco%2FumRGgqWpI7KjqCOA9I5WuWj5PJZv1UYCKxrgEnMVZ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c832329e8ba0a4b-AMS
content-encoding: br
X-Firefox-Spdy: h2

GET lp.cybeready.net/Forms/PayPal/sanitize.css

104.26.8.233

200 OK

475 B

URL GET HTTP/2
lp.cybeready.net/Forms/PayPal/sanitize.css
IP
104.26.8.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://feedbak.site/q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
Fingerprint30:A1:72:A7:01:7E:AF:07:FB:0E:0D:F8:62:9C:83:6E:8C:DC:05:09
ValidityMon, 12 Aug 2024 21:43:45 GMT - Sun, 10 Nov 2024 21:43:44 GMT

File type
ASCII text, with very long lines (475), with no line terminators
Size
475 B (475 bytes)
Hash
03217d7d8bc5ea9c4929c7785ba01cf1
0a7fa57ad7546a4d07dfc0b44398a4eed5fa1bba
6a449b4722f14af5cb2a4bcc627a7c324c804147feab1e56230a9712131ce116

HTTP Headers

GET /Forms/PayPal/sanitize.css HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://feedbak.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Sep 2024 13:31:53 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1022
etag: W/"4023fc4c0be2a30c1eafd0903d5f471b"
last-modified: Mon, 08 Feb 2016 14:39:43 GMT
x-amz-id-2: t33R+yp6+yeBbhHVaLvhFTvT+jCj99v5SQEbrjL0axFRYz3njpOBEZG+NRHc7oITKGG0GG0aVQA=
x-amz-request-id: AQ8F6GGV3JPG00WM
cache-control: max-age=14400
cf-cache-status: HIT
age: 4849
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rrx9pqPENvMagMGFpFgAxiB%2BzrApA80AjxJiiWSNs%2Bksj3ybxJwcenHnHHY7zYIyrnhTEXHnReF5A0FMGlkWhvDkkK%2Fb2aXwgn0yJVwQu5BbPDbo4CkSC55hrW6qjIYAm0g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c83232a08ed0a4b-AMS
content-encoding: br
X-Firefox-Spdy: h2

GET lp.cybeready.net/Forms/PayPal/index.css

104.26.8.233

200 OK

2.0 kB

URL GET HTTP/2
lp.cybeready.net/Forms/PayPal/index.css
IP
104.26.8.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://feedbak.site/q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
Fingerprint30:A1:72:A7:01:7E:AF:07:FB:0E:0D:F8:62:9C:83:6E:8C:DC:05:09
ValidityMon, 12 Aug 2024 21:43:45 GMT - Sun, 10 Nov 2024 21:43:44 GMT

File type
ASCII text, with very long lines (2019), with no line terminators
Size
2.0 kB (2019 bytes)
Hash
5b29be2a637bb79217b79a787f3dffbc
2c3faf12b4aa3a2289db3c94a8ca28ffcc431072
de005a085d04e99623239533e8e8ca3fd8dd4731139739c4d5428661a7247833

HTTP Headers

GET /Forms/PayPal/index.css HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://feedbak.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Sep 2024 13:31:53 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=2476
etag: W/"d544f8e0c80e3e76c62f3240eef5e417"
last-modified: Mon, 08 Feb 2016 14:39:42 GMT
x-amz-id-2: 2cKjDaqQP02h2VG5vQB2I2RXiltHCHB19liiPty8sG6gi1x4/DpXV51cf/iJQaDlf71mow60R5k=
x-amz-request-id: AQ894JMD5VZACMJ8
cache-control: max-age=14400
cf-cache-status: HIT
age: 4849
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O9aRHNd%2F%2BLBPh2k5mnS%2BgCraYhVL1CBILSDSaw5f0BtCgENrl17waBM46xIuisupyZIIBZshodYwEjLl%2F9CfXNwvO77OhCLt2vCgLT1Y9le22OTZXruRgg%2B8amsyr8Z9PLI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c832329e8c00a4b-AMS
content-encoding: br
X-Firefox-Spdy: h2

GET lp.cybeready.net/common/landing-page.js

104.26.8.233

200 OK

4.0 kB

URL GET HTTP/2
lp.cybeready.net/common/landing-page.js
IP
104.26.8.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://feedbak.site/q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
Fingerprint30:A1:72:A7:01:7E:AF:07:FB:0E:0D:F8:62:9C:83:6E:8C:DC:05:09
ValidityMon, 12 Aug 2024 21:43:45 GMT - Sun, 10 Nov 2024 21:43:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4058), with no line terminators
Size
4.0 kB (4037 bytes)
Hash
31c9d5c1c040c6f1d6e924471ce8179b
051fbd8b0dd9cc8567fcb71fedf2726d0c7cb321
13935b3ce2cace0bb7bd02421279995e5a519bc5622c494ee1536a1ef880f670

HTTP Headers

GET /common/landing-page.js HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://feedbak.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Sep 2024 13:31:53 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=7666
etag: W/"dc85792ec27e1c3bf02af986d07c81eb"
last-modified: Thu, 19 Nov 2015 18:47:02 GMT
x-amz-id-2: 7xS5367tz0A2xAHySuEe7Pvx7FVfC5jdhRqCmRKLfYFQ2EqGvkfPJcS7cKtI0Lvq9GEX+T/uH/U=
x-amz-request-id: RVNXPEF3J2XCP4Y3
cache-control: max-age=14400
cf-cache-status: HIT
age: 1810
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8TCL2qcZHNEF7UQ%2FXxVUbPOg%2FkJgnTIQrUgFJqoA%2FKX3m7lvVJkN%2BUO4A0U%2FYB73kNR9lwjH%2Fp2L%2B9DAyz5ziRcYQpVthSR%2BA5do2jytE%2FE1ctgg83kefGi8E1IyacipClc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c83232a08f00a4b-AMS
content-encoding: br
X-Firefox-Spdy: h2

GET lp.cybeready.net/Forms/PayPal/logo.svg

104.26.8.233

200 OK

4.9 kB

URL GET HTTP/2
lp.cybeready.net/Forms/PayPal/logo.svg
IP
104.26.8.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://feedbak.site/q01bd7d65p30964bfb1a28ec8642450e3fa4.html&data=05/
Certificate
IssuerLet's Encrypt
Subjectcybeready.net
Fingerprint30:A1:72:A7:01:7E:AF:07:FB:0E:0D:F8:62:9C:83:6E:8C:DC:05:09
ValidityMon, 12 Aug 2024 21:43:45 GMT - Sun, 10 Nov 2024 21:43:44 GMT

File type
SVG Scalable Vector Graphics image
Size
4.9 kB (4945 bytes)
Hash
460887862e7691125b5420ff0e740771
9e892380e3b1ae705560c9144fa288b55f24a685
bdf102799ad3f9598d3b33df3ee594b0ca62200e01609e045354f948c4724b84

HTTP Headers

GET /Forms/PayPal/logo.svg HTTP/1.1
Host: lp.cybeready.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://feedbak.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Sep 2024 13:31:53 GMT
content-type: image/svg+xml
x-amz-id-2: o/Hz0m2LmjMU/AztKb1uPRpKSZX+bEB9XuqsITAB4w8U0rK1gLiLh0gmkrqsGFKX8XSCWspjUYI=
x-amz-request-id: 35T0NHG8NFFQVBKY
last-modified: Mon, 08 Feb 2016 14:39:43 GMT
etag: W/"0d105318575ea6a4fc653aa8290a3410"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4848
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dgspR2JpoLhg685k0RQhwrfeGsh5A8F5FwSsWMcosukAVBctG4YZefNIhqAwuQKt5QTRYJ55yA9NHtGA1Nhp0%2BX%2BEY0jfqr6Lcx%2FDWTMNLNETSt4GGL4jfpGsf6LU%2F5ZlGk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c832329e8bc0a4b-AMS
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2