Report - cybertel.com/

Report Overview

Submitted URL
cybertel.com/
IP
64.187.239.229
ASN
#46261 QUICKPACKET
Submitted
2023-01-14 18:53:13
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.8 kB	142.250.74.74
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	17 kB	104.17.25.14
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.161.132.177
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
cybertel.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	14 kB	9.8 MB	64.187.239.229
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.131
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	17 kB	216.58.207.227
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	55 kB	34.120.237.76
play.videoo.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	362 B	67.219.148.18
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-14	medium	cybertel.com/	Phishing
2023-01-14	medium	cybertel.com/assets/js/vendor/bootstrap/css/bootstrap.min.css?v=2	Phishing
2023-01-14	medium	cybertel.com/assets/css/search.css?v=2	Phishing
2023-01-14	medium	cybertel.com/assets/vendor/scrollreveal/scrollreveal.min.js	Phishing
2023-01-14	medium	cybertel.com/assets/js/base64.js	Phishing
2023-01-14	medium	cybertel.com/assets/vendor/jquery-easing/1.3/jquery.easing.min.js	Phishing
2023-01-14	medium	cybertel.com/assets/css/fs2.css?v=1	Phishing
2023-01-14	medium	cybertel.com/assets/js/vendor/bootstrap/js/bootstrap.min.js	Phishing
2023-01-14	medium	cybertel.com/assets/js/numbers2words.min.js	Phishing
2023-01-14	medium	cybertel.com/assets/js/vendor/jquery.js	Phishing
2023-01-14	medium	cybertel.com/assets/images/bg/background.jpeg	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	cybertel.com/	10 kB	2023-03-12	2023-03-12
Pretty URL cybertel.com/ IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:23:52 Last Seen2023-03-12 23:23:52 Times Seen1 Hash 3a0321c3f20ea9f669b54a41d211632e 6ce1ddb38a0115cb544a3177d7c839e0bfc8b4b3 ac82a7d3e0329b10d23243e45d4b9291b8bfb45a4da6c9aaa6ef5668eb846beb Loading...

	cybertel.com/	139 B	2023-03-08	2024-01-27
Pretty URL cybertel.com/ IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:27:13 Last Seen2024-01-27 10:22:35 Times Seen20 Hash 63c55c1aae738f2e7533da310a0838ba 227454100e3bde28616aeb90f037d6dead0776da 0b685e2e5c5309137a70cae954118a2ce164a5bb4c2afe9e29aa8a1bf8969f6d Loading...

	cybertel.com/assets/js/vendor/jquery.js	84 kB	2023-03-07	2024-04-15
Pretty URL cybertel.com/assets/js/vendor/jquery.js IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:07 Last Seen2024-04-15 17:21:31 Times Seen1789 Hash 6631a779321bc03f4a5281d3ff526254 5be8bf17be5085d803dfcbe59f8d6e584b516679 797e79e220fdb3c48f6df26b879543102479491611940c8acc81a905da5c6858 Loading...

	cybertel.com/assets/js/base64.js	3.4 kB	2023-03-08	2024-01-27
Pretty URL cybertel.com/assets/js/base64.js IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:14:35 Last Seen2024-01-27 10:22:35 Times Seen37 Hash 0e08f39e85c80c407a60444bebeb82ce 68a52fb8d724589ccca05d8d670556d4b87d4a9e 7ed71baa47a20efe97a93699e3a6cff9ab3084422979e9017928c316f72a85c7 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js	5.0 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:29 Last Seen2024-04-26 09:26:29 Times Seen5251 Hash c8f50397e0560719c62a35318f413e16 a643db87287e6e940fbabe6d8cfee5a8775692d8 a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655 Loading...

	cybertel.com/	294 B	2023-03-08	2024-01-27
Pretty URL cybertel.com/ IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:14:35 Last Seen2024-01-27 10:22:35 Times Seen19 Hash c9a21509d91075508a99647eb06cb7e9 f3ba0f0a310ed1b3dafb9c48aba34e1be17d6a52 06d4bd54f938961e1fb130de57cc439a901c476a8186b4c436ee3e892454f674 Loading...

	cybertel.com/	387 B	2023-03-08	2024-01-27
Pretty URL cybertel.com/ IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:14:35 Last Seen2024-01-27 10:22:35 Times Seen19 Hash 8a6e87132adc9b640d2a405d0750264e 25fda769c2b375f2f445a0e74651b7971330fc6b 4096acee7611940c7a5ded3476ee762faea9a0f3489a47df1f7e3c4447ee8336 Loading...

	cybertel.com/	933 B	2023-03-08	2024-01-27
Pretty URL cybertel.com/ IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:14:35 Last Seen2024-01-27 10:22:35 Times Seen20 Hash 02f97a0f2e5a38065ef10393f0e1153b 5e5f6e53e4dcc636305d5f74bd3de36a718d1d39 92356c4923d99a097cbe0ce9be0bfa57ecd0e3776b934c535de24408b31b5ed1 Loading...

	cybertel.com/assets/vendor/scrollreveal/scrollreveal.min.js	9.1 kB	2023-03-07	2024-04-21
Pretty URL cybertel.com/assets/vendor/scrollreveal/scrollreveal.min.js IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:30 Last Seen2024-04-21 05:08:51 Times Seen184 Hash 5deb4348d63c0bfbce81c338d35db100 e7d5811bb79a7f27ebd7f4abb3213df9796a3361 4832831d4d25137435b5885ef31de7aab125d797708c0337b0420fd06e744417 Loading...

	cybertel.com/assets/vendor/jquery-easing/1.3/jquery.easing.min.js	5.6 kB	2023-03-07	2024-04-25
Pretty URL cybertel.com/assets/vendor/jquery-easing/1.3/jquery.easing.min.js IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-04-25 23:50:16 Times Seen2680 Hash 3eac3c72434a0945b92dd4a01f7b6b4e 7767b356530e39cd76ec259320b0b2774b4097a8 ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b Loading...

	cybertel.com/assets/js/vendor/bootstrap/js/bootstrap.min.js	29 kB	2023-03-08	2024-01-27
Pretty URL cybertel.com/assets/js/vendor/bootstrap/js/bootstrap.min.js IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:14:35 Last Seen2024-01-27 10:22:35 Times Seen37 Hash c6e17711c76af125c14a958f1ea615b6 5bab8533f7cbfd72c9584d82cea927f237942205 56b8046a6dc65542cb3cdbc4a8da4268c64e33f25afd4ba8cb3bb76f55db910e Loading...

	cybertel.com/assets/js/numbers2words.min.js	21 kB	2023-03-08	2024-01-27
Pretty URL cybertel.com/assets/js/numbers2words.min.js IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:14:35 Last Seen2024-01-27 10:22:35 Times Seen36 Hash a3706cd911e65ca964a60508942d2614 ef6f850f0790fab3b4acbef4a0782d60726788f3 11f05ca2184e34e772401d6f4b9ad7e4d4914bb66c775f0188c3632f62095434 Loading...

	cybertel.com/	41 B	2023-03-12	2023-03-12
Pretty URL cybertel.com/ IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:23:52 Last Seen2023-03-12 23:23:52 Times Seen1 Hash 4e10a683cd4b6237f3f8fcf829fae0a4 9fe29ea038be31e4c6da4451d5d502032d7ea23f 2a7c287260221ec4c3e0c1cb5417adbf960355c3064896acce731bf4650a0855 Loading...

HTTP Transactions (47)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7340
Expires: Sat, 14 Jan 2023 20:55:19 GMT
Date: Sat, 14 Jan 2023 18:52:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0643dc6b6fed33b3537160b6bb77bcbf
aa43bd1fbb30d2219f3285c1ee4991ffb33562c5
f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8650
Expires: Sat, 14 Jan 2023 21:17:09 GMT
Date: Sat, 14 Jan 2023 18:52:59 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 14 Jan 2023 18:48:55 GMT
content-type: application/json
age: 244
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

cybertel.com/

64.187.239.229

200 OK

58 kB

URL HTTP/1.1
cybertel.com/
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (19185)
Size
58 kB (57944 bytes)
Hash
50b262b0d90bc4dd3fbc70d8282a94ed
f510dda428bef29ccee9118069eba5cca39b5334
b0cef888d6dda354a4a5a3aaab57b2ec212824cfa4f70f73d2fd05c21764bc80

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: cybertel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 18:52:59 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/7.4.19
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IlZNcjFrSncwbm1iekcyZUJGejc5cnc9PSIsInZhbHVlIjoiamZYVUppdXZOekpsN2tkbWRPZWx4cnV1S0lkYkhhQWJzN1wvRnp4MVwvM0ZTRkM5R25LOGtEQ1VVVTZGbDBoNnpQIiwibWFjIjoiN2Q0N2Q1MjNlZTM5MzkwZTY4N2E0NDJkNmVhMmZmYTY5ZjU0ODNlNWM1Njc2NTlhNGY2NzQwZDhmNzk3Zjc4NyJ9; expires=Sat, 14-Jan-2023 20:52:59 GMT; Max-Age=7200; path=/
webflex_session=eyJpdiI6IlhjWmZOUmJ6c2t5bUwzT2NKTFBjWnc9PSIsInZhbHVlIjoiUGNmd29NVmloemVTV2ZYalNRVkpGVEF5NFwvUFBKRHUzWGlXTkFRRDBGR05ZMXZkdDRIWkFYdndlTVhZeWRGVnAiLCJtYWMiOiIyZTAzMjA1MjI5NmQ5YzhhNDcyM2ZhZmEzYjQ5MzAwZWFiNDdlNzcwYjNjNWJjYWY2ZTAzNDBkMjE2Y2NlYTgyIn0%3D; expires=Sat, 14-Jan-2023 20:52:59 GMT; Max-Age=7200; path=/; httponly
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7bd85a261739c122eefb74ffddaec99
e2e059b0740592e8591d432249aafe5fcb8af23c
71bdd130b8d143f228542f678e91c98ab4e5844fb9f47b036e15372660be25fd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71BDD130B8D143F228542F678E91C98AB4E5844FB9F47B036E15372660BE25FD"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8961
Expires: Sat, 14 Jan 2023 21:22:20 GMT
Date: Sat, 14 Jan 2023 18:52:59 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: +si6tXR+ydAewkGihNgjZx/vPNfbYf1yTWkMx6p7YKqYQGjM+5sIEn0Z+AnfLHaLfabrQvc50l8=
x-amz-request-id: 4TXRVMHHD0EQX0KK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 14 Jan 2023 17:55:02 GMT
age: 3477
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 18:52:59 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:400,500,600

142.250.74.74

200 OK

592 B

URL HTTP/1.1
fonts.googleapis.com/css?family=Roboto:400,500,600
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
592 B (592 bytes)
Hash
4c9f004142907abfcb78fa28f3e305dc
d6a444ef9bef4047cf8cb4a78496ada194f133e9
4a3086509161796f66c5ebaba8065e74b2ec642697e8f461646f2609570bae85

HTTP Headers

GET /css?family=Roboto:400,500,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cybertel.com/

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 14 Jan 2023 18:52:59 GMT
Date: Sat, 14 Jan 2023 18:52:59 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cybertel.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 18:52:59 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 685199
expires: Thu, 04 Jan 2024 18:52:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syvrBFsu0pWlE%2FS2FPGh2AnYiziC63UW1Qy0ZQ34i%2FuNJ24MJwPiOA1jhnBgQqBCl9Gb5HHV1Fn2fr5LF9HYNKQyf4j7LGpK%2FqrX5mQdGlnS8lkg6s9zoH0O7J24ztFuKNYJm0YF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78989268b89ab4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

104.17.25.14

200 OK

4.2 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65348)
Size
4.2 kB (4216 bytes)
Hash
eefc9abe5bc10d658a2393a70d052566
dd49deafcd3ebe1306cda0b843f2da265f8a90e1
6011c33e447455e96e1d4926b0e15ca399eb993163a8e5ee0c523947396d66c3

HTTP Headers

GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cybertel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 18:52:59 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1949429
expires: Thu, 04 Jan 2024 18:52:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXj6CEAQcjbKRP%2BybNk4GYwnzbz6NnXCwSNk8Gba2erd2sVA8Tg%2FwZXnO5WM7eq%2BF64JvxzUno7rmMJzvg5c5HtL16yaQV%2FzhhoS0uxvgG5wwfTXiUaHRKKCRtKnMndPHHjBQt8T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78989268bbd1b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css

104.17.25.14

200 OK

1.5 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3201), with no line terminators
Size
1.5 kB (1541 bytes)
Hash
8e09ceb5490863a66cd2e83ca3d7e524
35e3d074516ec70c508d748f7ae01827bc0c28ba
cccbb374fd4cb6dcbac9df64456b49cb11530e7bafdac6c6c7e67ff2ed350db9

HTTP Headers

GET /ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cybertel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 18:52:59 GMT
content-type: text/css; charset=utf-8
content-length: 1541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-c81"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3768480
expires: Thu, 04 Jan 2024 18:52:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLkpe2kIs9nTqOOXL4A8B6TlKmFSQIU250abx6TK5%2BY8mEEicPsMvaxJK2nNQO8huKD%2BQR35tZUkmCHvmTk%2FzMbz4VBOabc6Wp5%2FlNAfzCYKXqOqpHMYgAGpPQe438HLyZHYKdO%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78989268bbdab50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js

104.17.25.14

200 OK

1.4 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (4862)
Size
1.4 kB (1399 bytes)
Hash
a08c3702f999b6cbd18c635f8e88421f
2938a9a742af0e1e7de5b58ad293c61d2838014b
3b512cbaa646370f0897e5e1e7cbab220a2382de70f24e994e88ef4f5121a39c

HTTP Headers

GET /ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cybertel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 18:52:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 1399
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-1359"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 782491
expires: Thu, 04 Jan 2024 18:52:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhFe1tItNwUIaUzszVuiwQ%2Bc7dHPUkT%2Fyq639lPFhnDoEAMDGrUBQpYUNYXgdp1RjXM7U60r5epQAJGStsraq2sHvUFPh%2BaFhYRMra%2BpylBgJyvumTg%2FHudGgBMGiib8%2BURMysO%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78989268cbe5b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
83579ff88cab4d4d05d4741599104d9c
fe74c219f8655a4ca36fe397884e55ab63d1288a
a492a770e88739fac8094f7b73f87474cee4ad2ccbf9f1963b935474544ef3f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 18:52:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cybertel.com/assets/js/vendor/bootstrap/css/bootstrap.min.css?v=2

64.187.239.229

200 OK

61 kB

URL HTTP/1.1
cybertel.com/assets/js/vendor/bootstrap/css/bootstrap.min.css?v=2
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
ASCII text, with very long lines (60003)
Size
61 kB (61166 bytes)
Hash
fdc62d3a74546b5b4cf660a8e8f7e1f7
25f47ced16bf81a472fce840daca479f2011228e
a5e92aae4cf3ce2638e69b043836402f38b9ef77905b2522bbee24cccf8eaebb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/vendor/bootstrap/css/bootstrap.min.css?v=2 HTTP/1.1
Host: cybertel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cybertel.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlZNcjFrSncwbm1iekcyZUJGejc5cnc9PSIsInZhbHVlIjoiamZYVUppdXZOekpsN2tkbWRPZWx4cnV1S0lkYkhhQWJzN1wvRnp4MVwvM0ZTRkM5R25LOGtEQ1VVVTZGbDBoNnpQIiwibWFjIjoiN2Q0N2Q1MjNlZTM5MzkwZTY4N2E0NDJkNmVhMmZmYTY5ZjU0ODNlNWM1Njc2NTlhNGY2NzQwZDhmNzk3Zjc4NyJ9; webflex_session=eyJpdiI6IlhjWmZOUmJ6c2t5bUwzT2NKTFBjWnc9PSIsInZhbHVlIjoiUGNmd29NVmloemVTV2ZYalNRVkpGVEF5NFwvUFBKRHUzWGlXTkFRRDBGR05ZMXZkdDRIWkFYdndlTVhZeWRGVnAiLCJtYWMiOiIyZTAzMjA1MjI5NmQ5YzhhNDcyM2ZhZmEzYjQ5MzAwZWFiNDdlNzcwYjNjNWJjYWY2ZTAzNDBkMjE2Y2NlYTgyIn0%3D

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 18:52:59 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sat, 12 Sep 2020 17:17:43 GMT
ETag: "eeee-5af20faadd169"
Accept-Ranges: bytes
Content-Length: 61166
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b5628887325331ad3d660f7208e1995c
9e4bf04468a7aed126488ccb5552a8e02610f6dd
5cd181d6728fc5f0f4d88407b97af61db39c5a38feebdeb2c21335cf4402fca4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 18:52:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cybertel.com/assets/css/search.css?v=2

64.187.239.229

200 OK

500 B

URL HTTP/1.1
cybertel.com/assets/css/search.css?v=2
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
assembler source, ASCII text
Size
500 B (500 bytes)
Hash
57f56f905358037e78efb996652c806d
436f5f3ceb97ed2fe73aa7ef3069ae444138de2e
b6260924099ca1d94b7bf9f22b26225652719a1ea5d174511c6ea0d429375b11

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/css/search.css?v=2 HTTP/1.1
Host: cybertel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cybertel.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlZNcjFrSncwbm1iekcyZUJGejc5cnc9PSIsInZhbHVlIjoiamZYVUppdXZOekpsN2tkbWRPZWx4cnV1S0lkYkhhQWJzN1wvRnp4MVwvM0ZTRkM5R25LOGtEQ1VVVTZGbDBoNnpQIiwibWFjIjoiN2Q0N2Q1MjNlZTM5MzkwZTY4N2E0NDJkNmVhMmZmYTY5ZjU0ODNlNWM1Njc2NTlhNGY2NzQwZDhmNzk3Zjc4NyJ9; webflex_session=eyJpdiI6IlhjWmZOUmJ6c2t5bUwzT2NKTFBjWnc9PSIsInZhbHVlIjoiUGNmd29NVmloemVTV2ZYalNRVkpGVEF5NFwvUFBKRHUzWGlXTkFRRDBGR05ZMXZkdDRIWkFYdndlTVhZeWRGVnAiLCJtYWMiOiIyZTAzMjA1MjI5NmQ5YzhhNDcyM2ZhZmEzYjQ5MzAwZWFiNDdlNzcwYjNjNWJjYWY2ZTAzNDBkMjE2Y2NlYTgyIn0%3D

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 18:52:59 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Fri, 14 Jan 2022 19:28:29 GMT
ETag: "1f4-5d58fcebbb140"
Accept-Ranges: bytes
Content-Length: 500
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

cybertel.com/assets/vendor/scrollreveal/scrollreveal.min.js

64.187.239.229

200 OK

9.1 kB

URL HTTP/1.1
cybertel.com/assets/vendor/scrollreveal/scrollreveal.min.js
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
ASCII text, with very long lines (9053), with no line terminators
Size
9.1 kB (9053 bytes)
Hash
5deb4348d63c0bfbce81c338d35db100
e7d5811bb79a7f27ebd7f4abb3213df9796a3361
4832831d4d25137435b5885ef31de7aab125d797708c0337b0420fd06e744417

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/vendor/scrollreveal/scrollreveal.min.js HTTP/1.1
Host: cybertel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cybertel.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlZNcjFrSncwbm1iekcyZUJGejc5cnc9PSIsInZhbHVlIjoiamZYVUppdXZOekpsN2tkbWRPZWx4cnV1S0lkYkhhQWJzN1wvRnp4MVwvM0ZTRkM5R25LOGtEQ1VVVTZGbDBoNnpQIiwibWFjIjoiN2Q0N2Q1MjNlZTM5MzkwZTY4N2E0NDJkNmVhMmZmYTY5ZjU0ODNlNWM1Njc2NTlhNGY2NzQwZDhmNzk3Zjc4NyJ9; webflex_session=eyJpdiI6IlhjWmZOUmJ6c2t5bUwzT2NKTFBjWnc9PSIsInZhbHVlIjoiUGNmd29NVmloemVTV2ZYalNRVkpGVEF5NFwvUFBKRHUzWGlXTkFRRDBGR05ZMXZkdDRIWkFYdndlTVhZeWRGVnAiLCJtYWMiOiIyZTAzMjA1MjI5NmQ5YzhhNDcyM2ZhZmEzYjQ5MzAwZWFiNDdlNzcwYjNjNWJjYWY2ZTAzNDBkMjE2Y2NlYTgyIn0%3D

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 18:52:59 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sun, 10 Sep 2017 23:38:15 GMT
ETag: "235d-558de4dcfc7c0"
Accept-Ranges: bytes
Content-Length: 9053
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

cybertel.com/assets/js/base64.js

64.187.239.229

200 OK

3.4 kB

URL HTTP/1.1
cybertel.com/assets/js/base64.js
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
ASCII text
Size
3.4 kB (3439 bytes)
Hash
0e08f39e85c80c407a60444bebeb82ce
68a52fb8d724589ccca05d8d670556d4b87d4a9e
7ed71baa47a20efe97a93699e3a6cff9ab3084422979e9017928c316f72a85c7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/base64.js HTTP/1.1
Host: cybertel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cybertel.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlZNcjFrSncwbm1iekcyZUJGejc5cnc9PSIsInZhbHVlIjoiamZYVUppdXZOekpsN2tkbWRPZWx4cnV1S0lkYkhhQWJzN1wvRnp4MVwvM0ZTRkM5R25LOGtEQ1VVVTZGbDBoNnpQIiwibWFjIjoiN2Q0N2Q1MjNlZTM5MzkwZTY4N2E0NDJkNmVhMmZmYTY5ZjU0ODNlNWM1Njc2NTlhNGY2NzQwZDhmNzk3Zjc4NyJ9; webflex_session=eyJpdiI6IlhjWmZOUmJ6c2t5bUwzT2NKTFBjWnc9PSIsInZhbHVlIjoiUGNmd29NVmloemVTV2ZYalNRVkpGVEF5NFwvUFBKRHUzWGlXTkFRRDBGR05ZMXZkdDRIWkFYdndlTVhZeWRGVnAiLCJtYWMiOiIyZTAzMjA1MjI5NmQ5YzhhNDcyM2ZhZmEzYjQ5MzAwZWFiNDdlNzcwYjNjNWJjYWY2ZTAzNDBkMjE2Y2NlYTgyIn0%3D

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 18:52:59 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Tue, 26 Apr 2022 16:02:53 GMT
ETag: "d6f-5dd90d3445feb"
Accept-Ranges: bytes
Content-Length: 3439
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

cybertel.com/assets/vendor/jquery-easing/1.3/jquery.easing.min.js

64.187.239.229

200 OK

5.6 kB

URL HTTP/1.1
cybertel.com/assets/vendor/jquery-easing/1.3/jquery.easing.min.js
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
Unicode text, UTF-8 text, with very long lines (3601)
Size
5.6 kB (5555 bytes)
Hash
3eac3c72434a0945b92dd4a01f7b6b4e
7767b356530e39cd76ec259320b0b2774b4097a8
ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/vendor/jquery-easing/1.3/jquery.easing.min.js HTTP/1.1
Host: cybertel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cybertel.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlZNcjFrSncwbm1iekcyZUJGejc5cnc9PSIsInZhbHVlIjoiamZYVUppdXZOekpsN2tkbWRPZWx4cnV1S0lkYkhhQWJzN1wvRnp4MVwvM0ZTRkM5R25LOGtEQ1VVVTZGbDBoNnpQIiwibWFjIjoiN2Q0N2Q1MjNlZTM5MzkwZTY4N2E0NDJkNmVhMmZmYTY5ZjU0ODNlNWM1Njc2NTlhNGY2NzQwZDhmNzk3Zjc4NyJ9; webflex_session=eyJpdiI6IlhjWmZOUmJ6c2t5bUwzT2NKTFBjWnc9PSIsInZhbHVlIjoiUGNmd29NVmloemVTV2ZYalNRVkpGVEF5NFwvUFBKRHUzWGlXTkFRRDBGR05ZMXZkdDRIWkFYdndlTVhZeWRGVnAiLCJtYWMiOiIyZTAzMjA1MjI5NmQ5YzhhNDcyM2ZhZmEzYjQ5MzAwZWFiNDdlNzcwYjNjNWJjYWY2ZTAzNDBkMjE2Y2NlYTgyIn0%3D

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 18:52:59 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Fri, 06 Oct 2017 22:27:54 GMT
ETag: "15b3-55ae85a182e80"
Accept-Ranges: bytes
Content-Length: 5555
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

cybertel.com/assets/css/fs2.css?v=1

64.187.239.229

200 OK

6.4 kB

URL HTTP/1.1
cybertel.com/assets/css/fs2.css?v=1
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
ASCII text
Size
6.4 kB (6385 bytes)
Hash
3f462268720c97f1fe3af283f0abaa69
75dbc429835d0a25c3c8b3634c0dbedd572bc2ec
1fbd0d474f222ea612627fe59ebae5fff908a8a26a49ff17decf419edecc2e93

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/css/fs2.css?v=1 HTTP/1.1
Host: cybertel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cybertel.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlZNcjFrSncwbm1iekcyZUJGejc5cnc9PSIsInZhbHVlIjoiamZYVUppdXZOekpsN2tkbWRPZWx4cnV1S0lkYkhhQWJzN1wvRnp4MVwvM0ZTRkM5R25LOGtEQ1VVVTZGbDBoNnpQIiwibWFjIjoiN2Q0N2Q1MjNlZTM5MzkwZTY4N2E0NDJkNmVhMmZmYTY5ZjU0ODNlNWM1Njc2NTlhNGY2NzQwZDhmNzk3Zjc4NyJ9; webflex_session=eyJpdiI6IlhjWmZOUmJ6c2t5bUwzT2NKTFBjWnc9PSIsInZhbHVlIjoiUGNmd29NVmloemVTV2ZYalNRVkpGVEF5NFwvUFBKRHUzWGlXTkFRRDBGR05ZMXZkdDRIWkFYdndlTVhZeWRGVnAiLCJtYWMiOiIyZTAzMjA1MjI5NmQ5YzhhNDcyM2ZhZmEzYjQ5MzAwZWFiNDdlNzcwYjNjNWJjYWY2ZTAzNDBkMjE2Y2NlYTgyIn0%3D

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 18:52:59 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Mon, 08 Nov 2021 23:54:41 GMT
ETag: "18f1-5d04fb76a2a2e"
Accept-Ranges: bytes
Content-Length: 6385
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

cybertel.com/assets/js/vendor/bootstrap/js/bootstrap.min.js

64.187.239.229

200 OK

29 kB

URL HTTP/1.1
cybertel.com/assets/js/vendor/bootstrap/js/bootstrap.min.js
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
ASCII text, with very long lines (28544)
Size
29 kB (28931 bytes)
Hash
c6e17711c76af125c14a958f1ea615b6
5bab8533f7cbfd72c9584d82cea927f237942205
56b8046a6dc65542cb3cdbc4a8da4268c64e33f25afd4ba8cb3bb76f55db910e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/vendor/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: cybertel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cybertel.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlZNcjFrSncwbm1iekcyZUJGejc5cnc9PSIsInZhbHVlIjoiamZYVUppdXZOekpsN2tkbWRPZWx4cnV1S0lkYkhhQWJzN1wvRnp4MVwvM0ZTRkM5R25LOGtEQ1VVVTZGbDBoNnpQIiwibWFjIjoiN2Q0N2Q1MjNlZTM5MzkwZTY4N2E0NDJkNmVhMmZmYTY5ZjU0ODNlNWM1Njc2NTlhNGY2NzQwZDhmNzk3Zjc4NyJ9; webflex_session=eyJpdiI6IlhjWmZOUmJ6c2t5bUwzT2NKTFBjWnc9PSIsInZhbHVlIjoiUGNmd29NVmloemVTV2ZYalNRVkpGVEF5NFwvUFBKRHUzWGlXTkFRRDBGR05ZMXZkdDRIWkFYdndlTVhZeWRGVnAiLCJtYWMiOiIyZTAzMjA1MjI5NmQ5YzhhNDcyM2ZhZmEzYjQ5MzAwZWFiNDdlNzcwYjNjNWJjYWY2ZTAzNDBkMjE2Y2NlYTgyIn0%3D

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 18:52:59 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sat, 30 Apr 2016 00:40:06 GMT
ETag: "7103-531a900310580"
Accept-Ranges: bytes
Content-Length: 28931
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

cybertel.com/assets/js/numbers2words.min.js

64.187.239.229

200 OK

21 kB

URL HTTP/1.1
cybertel.com/assets/js/numbers2words.min.js
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
Unicode text, UTF-8 text, with very long lines (20352)
Size
21 kB (20651 bytes)
Hash
a3706cd911e65ca964a60508942d2614
ef6f850f0790fab3b4acbef4a0782d60726788f3
11f05ca2184e34e772401d6f4b9ad7e4d4914bb66c775f0188c3632f62095434

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/numbers2words.min.js HTTP/1.1
Host: cybertel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cybertel.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlZNcjFrSncwbm1iekcyZUJGejc5cnc9PSIsInZhbHVlIjoiamZYVUppdXZOekpsN2tkbWRPZWx4cnV1S0lkYkhhQWJzN1wvRnp4MVwvM0ZTRkM5R25LOGtEQ1VVVTZGbDBoNnpQIiwibWFjIjoiN2Q0N2Q1MjNlZTM5MzkwZTY4N2E0NDJkNmVhMmZmYTY5ZjU0ODNlNWM1Njc2NTlhNGY2NzQwZDhmNzk3Zjc4NyJ9; webflex_session=eyJpdiI6IlhjWmZOUmJ6c2t5bUwzT2NKTFBjWnc9PSIsInZhbHVlIjoiUGNmd29NVmloemVTV2ZYalNRVkpGVEF5NFwvUFBKRHUzWGlXTkFRRDBGR05ZMXZkdDRIWkFYdndlTVhZeWRGVnAiLCJtYWMiOiIyZTAzMjA1MjI5NmQ5YzhhNDcyM2ZhZmEzYjQ5MzAwZWFiNDdlNzcwYjNjNWJjYWY2ZTAzNDBkMjE2Y2NlYTgyIn0%3D

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 18:52:59 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sat, 24 Jul 2021 00:06:34 GMT
ETag: "50ab-5c7d34b064d99"
Accept-Ranges: bytes
Content-Length: 20651
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

cybertel.com/assets/js/vendor/jquery.js

64.187.239.229

200 OK

84 kB

URL HTTP/1.1
cybertel.com/assets/js/vendor/jquery.js
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
ASCII text, with very long lines (32061)
Size
84 kB (84244 bytes)
Hash
6631a779321bc03f4a5281d3ff526254
5be8bf17be5085d803dfcbe59f8d6e584b516679
797e79e220fdb3c48f6df26b879543102479491611940c8acc81a905da5c6858

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/vendor/jquery.js HTTP/1.1
Host: cybertel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cybertel.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlZNcjFrSncwbm1iekcyZUJGejc5cnc9PSIsInZhbHVlIjoiamZYVUppdXZOekpsN2tkbWRPZWx4cnV1S0lkYkhhQWJzN1wvRnp4MVwvM0ZTRkM5R25LOGtEQ1VVVTZGbDBoNnpQIiwibWFjIjoiN2Q0N2Q1MjNlZTM5MzkwZTY4N2E0NDJkNmVhMmZmYTY5ZjU0ODNlNWM1Njc2NTlhNGY2NzQwZDhmNzk3Zjc4NyJ9; webflex_session=eyJpdiI6IlhjWmZOUmJ6c2t5bUwzT2NKTFBjWnc9PSIsInZhbHVlIjoiUGNmd29NVmloemVTV2ZYalNRVkpGVEF5NFwvUFBKRHUzWGlXTkFRRDBGR05ZMXZkdDRIWkFYdndlTVhZeWRGVnAiLCJtYWMiOiIyZTAzMjA1MjI5NmQ5YzhhNDcyM2ZhZmEzYjQ5MzAwZWFiNDdlNzcwYjNjNWJjYWY2ZTAzNDBkMjE2Y2NlYTgyIn0%3D

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 18:52:59 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sun, 17 Apr 2016 02:51:32 GMT
ETag: "14914-530a5524bf500"
Accept-Ranges: bytes
Content-Length: 84244
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

cybertel.com/assets/css/font-awesome.min.css

64.187.239.229

200 OK

22 kB

URL HTTP/1.1
cybertel.com/assets/css/font-awesome.min.css
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
ASCII text, with very long lines (21822)
Size
22 kB (21984 bytes)
Hash
feda974a77ea5783b8be673f142b7c88
b71d1c7c315b67c614563382d1c2a868ac14d729
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

HTTP Headers

GET /assets/css/font-awesome.min.css HTTP/1.1
Host: cybertel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cybertel.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlZNcjFrSncwbm1iekcyZUJGejc5cnc9PSIsInZhbHVlIjoiamZYVUppdXZOekpsN2tkbWRPZWx4cnV1S0lkYkhhQWJzN1wvRnp4MVwvM0ZTRkM5R25LOGtEQ1VVVTZGbDBoNnpQIiwibWFjIjoiN2Q0N2Q1MjNlZTM5MzkwZTY4N2E0NDJkNmVhMmZmYTY5ZjU0ODNlNWM1Njc2NTlhNGY2NzQwZDhmNzk3Zjc4NyJ9; webflex_session=eyJpdiI6IlhjWmZOUmJ6c2t5bUwzT2NKTFBjWnc9PSIsInZhbHVlIjoiUGNmd29NVmloemVTV2ZYalNRVkpGVEF5NFwvUFBKRHUzWGlXTkFRRDBGR05ZMXZkdDRIWkFYdndlTVhZeWRGVnAiLCJtYWMiOiIyZTAzMjA1MjI5NmQ5YzhhNDcyM2ZhZmEzYjQ5MzAwZWFiNDdlNzcwYjNjNWJjYWY2ZTAzNDBkMjE2Y2NlYTgyIn0%3D

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 18:52:59 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sun, 17 Apr 2016 02:51:26 GMT
ETag: "55e0-530a551f06780"
Accept-Ranges: bytes
Content-Length: 21984
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

fonts.googleapis.com/css?family=Oxygen:400,300,700

142.250.74.74

200 OK

390 B

URL HTTP/1.1
fonts.googleapis.com/css?family=Oxygen:400,300,700
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
390 B (390 bytes)
Hash
606a38c3a9da6758a6b91ff97648c0bc
d79a479e1889893a57b4e980cdfcd150d227ade5
a6507cd38f0de1dca381d3431fdaf9920a572e614265f2fe19bd9fb60244c17c

HTTP Headers

GET /css?family=Oxygen:400,300,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cybertel.com/

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 14 Jan 2023 18:53:00 GMT
Date: Sat, 14 Jan 2023 18:53:00 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 14 Jan 2023 18:17:25 GMT
age: 2135
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.gstatic.com/s/oxygen/v15/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/1.1
fonts.gstatic.com/s/oxygen/v15/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16172, version 1.0\012- data
Size
16 kB (16172 bytes)
Hash
891cacadb2d3449b6f342f571dc743ae
e35ea255304a2981b27f6c2822eb4fd8eaa984d5
5740bce57f68562d42e8ca6f6eb70dca3bc33be11ef0361e78274d360f41adc9

HTTP Headers

GET /s/oxygen/v15/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cybertel.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 16172
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 09 Jan 2023 02:30:07 GMT
Expires: Tue, 09 Jan 2024 02:30:07 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 09 May 2022 18:30:51 GMT
Content-Type: font/woff2
Age: 490973

cybertel.com/assets/images/Dave2.jpg

64.187.239.229

200 OK

65 kB

URL HTTP/1.1
cybertel.com/assets/images/Dave2.jpg
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=13, manufacturer=Apple, model=iPhone 11, orientation=upper-left, xresolution=186, yresolution=194, resolutionunit=2, software=14.8.1, datetime=2021:11:22 02:08:25, hostcomputer=iPhone 11], baseline, precision 8, 480x640, components 3\012- data
Size
65 kB (64652 bytes)
Hash
9d24eb168b3db24f7f3c7ac42a161db7
bf9e99d9ca1bd15535d3fcca6066e1023285ddad
90f752f514701946fd2dcbc8682df68fdf9a77ec15cc559f4d8d832fd5af71e6

HTTP Headers

GET /assets/images/Dave2.jpg HTTP/1.1
Host: cybertel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cybertel.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlZNcjFrSncwbm1iekcyZUJGejc5cnc9PSIsInZhbHVlIjoiamZYVUppdXZOekpsN2tkbWRPZWx4cnV1S0lkYkhhQWJzN1wvRnp4MVwvM0ZTRkM5R25LOGtEQ1VVVTZGbDBoNnpQIiwibWFjIjoiN2Q0N2Q1MjNlZTM5MzkwZTY4N2E0NDJkNmVhMmZmYTY5ZjU0ODNlNWM1Njc2NTlhNGY2NzQwZDhmNzk3Zjc4NyJ9; webflex_session=eyJpdiI6IlhjWmZOUmJ6c2t5bUwzT2NKTFBjWnc9PSIsInZhbHVlIjoiUGNmd29NVmloemVTV2ZYalNRVkpGVEF5NFwvUFBKRHUzWGlXTkFRRDBGR05ZMXZkdDRIWkFYdndlTVhZeWRGVnAiLCJtYWMiOiIyZTAzMjA1MjI5NmQ5YzhhNDcyM2ZhZmEzYjQ5MzAwZWFiNDdlNzcwYjNjNWJjYWY2ZTAzNDBkMjE2Y2NlYTgyIn0%3D

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 18:53:00 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Mon, 22 Nov 2021 11:12:32 GMT
ETag: "fc8c-5d15eb3869899"
Accept-Ranges: bytes
Content-Length: 64652
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

cybertel.com/assets/images/whatsapp2.png

64.187.239.229

200 OK

64 kB

URL HTTP/1.1
cybertel.com/assets/images/whatsapp2.png
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
PNG image data, 1447 x 522, 8-bit/color RGBA, non-interlaced\012- data
Size
64 kB (64316 bytes)
Hash
1ebbc3ecb77046b6565d7c5acf79b591
e848c7b8cd99fe5b4e0ccad23c807d547941da52
bfb43eed68d9909a3fc38c3af6db60a8cd5f393aa0228f8d867eab8a5f488a55

HTTP Headers

GET /assets/images/whatsapp2.png HTTP/1.1
Host: cybertel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cybertel.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlZNcjFrSncwbm1iekcyZUJGejc5cnc9PSIsInZhbHVlIjoiamZYVUppdXZOekpsN2tkbWRPZWx4cnV1S0lkYkhhQWJzN1wvRnp4MVwvM0ZTRkM5R25LOGtEQ1VVVTZGbDBoNnpQIiwibWFjIjoiN2Q0N2Q1MjNlZTM5MzkwZTY4N2E0NDJkNmVhMmZmYTY5ZjU0ODNlNWM1Njc2NTlhNGY2NzQwZDhmNzk3Zjc4NyJ9; webflex_session=eyJpdiI6IlhjWmZOUmJ6c2t5bUwzT2NKTFBjWnc9PSIsInZhbHVlIjoiUGNmd29NVmloemVTV2ZYalNRVkpGVEF5NFwvUFBKRHUzWGlXTkFRRDBGR05ZMXZkdDRIWkFYdndlTVhZeWRGVnAiLCJtYWMiOiIyZTAzMjA1MjI5NmQ5YzhhNDcyM2ZhZmEzYjQ5MzAwZWFiNDdlNzcwYjNjNWJjYWY2ZTAzNDBkMjE2Y2NlYTgyIn0%3D

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 18:53:00 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sun, 22 Aug 2021 08:18:09 GMT
ETag: "fb3c-5ca218a71d240"
Accept-Ranges: bytes
Content-Length: 64316
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c01ec61f7ca77158f474b3ab519c12fa
fc82ae0fcd73a83a980b75709a08e65239894e4a
f533e0fac9b92e79d4fbd6e70b42a83067de95f0a13cc737d7e5fa459baa4c54

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6518
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 18:53:00 GMT
Last-Modified: Sat, 14 Jan 2023 17:04:22 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

cybertel.com/assets/images/bg/background.jpeg

64.187.239.229

200 OK

89 kB

URL HTTP/1.1
cybertel.com/assets/images/bg/background.jpeg
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1260x709, components 3\012- data
Size
89 kB (89054 bytes)
Hash
b5b478a49d1b4f9c9bcfb627b2461e72
2fd192ac33ed368a9f288bc20af4deb0c3a24559
69c184ce5536f053a088e8f8d251e8d71056a6c1ce9275d5ca2154d000aafa3a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/images/bg/background.jpeg HTTP/1.1
Host: cybertel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cybertel.com/assets/css/fs2.css?v=1
Cookie: XSRF-TOKEN=eyJpdiI6IlZNcjFrSncwbm1iekcyZUJGejc5cnc9PSIsInZhbHVlIjoiamZYVUppdXZOekpsN2tkbWRPZWx4cnV1S0lkYkhhQWJzN1wvRnp4MVwvM0ZTRkM5R25LOGtEQ1VVVTZGbDBoNnpQIiwibWFjIjoiN2Q0N2Q1MjNlZTM5MzkwZTY4N2E0NDJkNmVhMmZmYTY5ZjU0ODNlNWM1Njc2NTlhNGY2NzQwZDhmNzk3Zjc4NyJ9; webflex_session=eyJpdiI6IlhjWmZOUmJ6c2t5bUwzT2NKTFBjWnc9PSIsInZhbHVlIjoiUGNmd29NVmloemVTV2ZYalNRVkpGVEF5NFwvUFBKRHUzWGlXTkFRRDBGR05ZMXZkdDRIWkFYdndlTVhZeWRGVnAiLCJtYWMiOiIyZTAzMjA1MjI5NmQ5YzhhNDcyM2ZhZmEzYjQ5MzAwZWFiNDdlNzcwYjNjNWJjYWY2ZTAzNDBkMjE2Y2NlYTgyIn0%3D

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 18:53:00 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Thu, 10 Sep 2020 20:10:41 GMT
ETag: "15bde-5aefb29a04c38"
Accept-Ranges: bytes
Content-Length: 89054
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

cybertel.com/assets/fonts/fontawesome-webfont.woff?v=4.2.0

64.187.239.229

200 OK

66 kB

URL HTTP/1.1
cybertel.com/assets/fonts/fontawesome-webfont.woff?v=4.2.0
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
Web Open Font Format, TrueType, length 65452, version 1.0\012- data
Size
66 kB (65452 bytes)
Hash
d95d6f5d5ab7cfefd09651800b69bd54
7d65e0227d0d7cdc1718119cd2a7dce0638f151c
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

HTTP Headers

GET /assets/fonts/fontawesome-webfont.woff?v=4.2.0 HTTP/1.1
Host: cybertel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://cybertel.com/assets/css/font-awesome.min.css
Cookie: XSRF-TOKEN=eyJpdiI6IlZNcjFrSncwbm1iekcyZUJGejc5cnc9PSIsInZhbHVlIjoiamZYVUppdXZOekpsN2tkbWRPZWx4cnV1S0lkYkhhQWJzN1wvRnp4MVwvM0ZTRkM5R25LOGtEQ1VVVTZGbDBoNnpQIiwibWFjIjoiN2Q0N2Q1MjNlZTM5MzkwZTY4N2E0NDJkNmVhMmZmYTY5ZjU0ODNlNWM1Njc2NTlhNGY2NzQwZDhmNzk3Zjc4NyJ9; webflex_session=eyJpdiI6IlhjWmZOUmJ6c2t5bUwzT2NKTFBjWnc9PSIsInZhbHVlIjoiUGNmd29NVmloemVTV2ZYalNRVkpGVEF5NFwvUFBKRHUzWGlXTkFRRDBGR05ZMXZkdDRIWkFYdndlTVhZeWRGVnAiLCJtYWMiOiIyZTAzMjA1MjI5NmQ5YzhhNDcyM2ZhZmEzYjQ5MzAwZWFiNDdlNzcwYjNjNWJjYWY2ZTAzNDBkMjE2Y2NlYTgyIn0%3D

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 18:53:00 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sun, 17 Apr 2016 02:51:28 GMT
ETag: "ffac-530a5520eec00"
Accept-Ranges: bytes
Content-Length: 65452
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff

push.services.mozilla.com/

35.161.132.177

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.132.177:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oZ1majNz1eyvWRD5Zq6+6A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XalqXHoslTWukbjPgds81QdCoDs=

cybertel.com/favicon.ico

64.187.239.229

200 OK

1.6 kB

URL HTTP/1.1
cybertel.com/favicon.ico
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
PNG image data, 20 x 18, 8-bit/color RGB, non-interlaced\012- data
Size
1.6 kB (1634 bytes)
Hash
5e816413fff7b9f7b61fa2fe6f969849
782f0bf1f7d143b29b62e40d4fa42784d72c2b25
40be4fe03d735beb6cf5cde6e5cba64e2915d4314939cd4a107c5344af720fc6

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cybertel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cybertel.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlZNcjFrSncwbm1iekcyZUJGejc5cnc9PSIsInZhbHVlIjoiamZYVUppdXZOekpsN2tkbWRPZWx4cnV1S0lkYkhhQWJzN1wvRnp4MVwvM0ZTRkM5R25LOGtEQ1VVVTZGbDBoNnpQIiwibWFjIjoiN2Q0N2Q1MjNlZTM5MzkwZTY4N2E0NDJkNmVhMmZmYTY5ZjU0ODNlNWM1Njc2NTlhNGY2NzQwZDhmNzk3Zjc4NyJ9; webflex_session=eyJpdiI6IlhjWmZOUmJ6c2t5bUwzT2NKTFBjWnc9PSIsInZhbHVlIjoiUGNmd29NVmloemVTV2ZYalNRVkpGVEF5NFwvUFBKRHUzWGlXTkFRRDBGR05ZMXZkdDRIWkFYdndlTVhZeWRGVnAiLCJtYWMiOiIyZTAzMjA1MjI5NmQ5YzhhNDcyM2ZhZmEzYjQ5MzAwZWFiNDdlNzcwYjNjNWJjYWY2ZTAzNDBkMjE2Y2NlYTgyIn0%3D

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 18:53:00 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Mon, 07 Feb 2022 09:56:30 GMT
ETag: "662-5d76a9d6025ab"
Accept-Ranges: bytes
Content-Length: 1634
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18540
Expires: Sun, 15 Jan 2023 00:02:01 GMT
Date: Sat, 14 Jan 2023 18:53:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18540
Expires: Sun, 15 Jan 2023 00:02:01 GMT
Date: Sat, 14 Jan 2023 18:53:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18540
Expires: Sun, 15 Jan 2023 00:02:01 GMT
Date: Sat, 14 Jan 2023 18:53:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18540
Expires: Sun, 15 Jan 2023 00:02:01 GMT
Date: Sat, 14 Jan 2023 18:53:01 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8181 bytes)
Hash
d24ea1f095f492934a1f1c63f5d8590c
dade37148c9b9a941f93a8535d8ddc5de3952623
2d8e3f90eb347eb3479a6c5d20a1c2ca6a0560f335a6c6800948db2640e4c878

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8181
x-amzn-requestid: 7ada8fbd-58e6-4433-a532-b4a4ef93ac9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0paH-OIAMFg5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce3c-582529522dbb67ee728484f8;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AHjOmYxva5avyA3gt9DvYLas_B2ACimer5QRQOi919HDtSjnKq22lw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:36:45 GMT
age: 76576
etag: "dade37148c9b9a941f93a8535d8ddc5de3952623"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9539 bytes)
Hash
a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: eb427fd6-c342-4a22-af45-ecc528cf4a8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: epfDqEAZIAMFudQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0787d-4f61ecd2422081224869da76;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:15:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RRMRT2BC5p1x0Vh20ut0Kjbz2mnaNToUIbzIg9oczduvzYCckvFORA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 05:58:29 GMT
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
age: 46472
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4885191c-7ccc-4801-bef2-6d6bbb61cdb1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5371 bytes)
Hash
d9c918c3f0569cbf09fdcd8998e2fc00
ad06e348d49e8ae0550d922b50bc2a1d4905457a
8f96e49cf0dbbad59d260d0f991d79eb72ea25dcc0caa5ba4480056bd918d07d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4885191c-7ccc-4801-bef2-6d6bbb61cdb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5371
x-amzn-requestid: fcbafc8b-5b89-49e6-8ebd-157cb3b24a55
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0qnERXoAMFsZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce43-3eb3b4d84dbf415a3dec1308;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AbaES_6874zaabJY_z0_FOZfJx86Zsv-osNxWqzef8DDNyelo0HRtQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:49:01 GMT
age: 75840
etag: "ad06e348d49e8ae0550d922b50bc2a1d4905457a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b55aad-884c-40db-a779-021d0c2305b4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9154 bytes)
Hash
b1378f107c1996ade14a8fe7fd728072
f52d98d9a0d1d343a539689ea14acf99e148cf8c
4be994757ec7ec42929590169de199e927889261334e258903a0929a1055047d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b55aad-884c-40db-a779-021d0c2305b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9154
x-amzn-requestid: fbb1140d-7ec2-4f86-8761-5d04601af70e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAkCEN2IAMFuMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7ae6-4baebf1104f9cf2a0ee8a538;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:13:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jlRcVyQppaQaPPMKaqadtaEHfdOYXXXbnfrr44l_2E2qaOoh_O0Mog==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 04:21:52 GMT
age: 52269
etag: "f52d98d9a0d1d343a539689ea14acf99e148cf8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9135 bytes)
Hash
64ba27a2f0a3bc61bd325f1fb317b755
c65c58476b66cbb6269ba1d8412d270a0a003ae3
5f7f03752f8a7c8c08d92512ae93b193ea37f59354503c3129d33fd2910f87e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9135
x-amzn-requestid: 2c5e9de0-9244-43ac-b7c4-712cbcf7038c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAnoG6roAMFzgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7afd-7fb640b30bab63bc1979a173;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:14:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RnAGo4OuBl5UjyOlUOJqu2nlFLHTOe0ETxokWtbI4frbpkNVnIBSew==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 01:41:40 GMT
age: 61881
etag: "c65c58476b66cbb6269ba1d8412d270a0a003ae3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0a5cc8b-8d62-447a-a39c-733e1afdd415.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7447 bytes)
Hash
2363dbe7bb6a459853d8d19cab50e70b
ded76de1dd453e40dbf6eaa8607cf19fac7f71a4
f96da6354cec52143768014c36ba2b298224a58b0bf38bd2aa5f3bfce69d8670

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0a5cc8b-8d62-447a-a39c-733e1afdd415.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7447
x-amzn-requestid: dd3543b7-4e6b-4605-acea-a21d39af02ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0qSFjAIAMF7HQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce41-56e2ccc63669032d70cba0ba;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AYaeawnEmwHkyx3h-yliVx-ARcRB3W5kbtFH5tARnL3YMD6e4WYAQw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:49:01 GMT
age: 75840
etag: "ded76de1dd453e40dbf6eaa8607cf19fac7f71a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cybertel.com/assets/images/animi_wp.gif

64.187.239.229

200 OK

9.2 MB

URL HTTP/1.1
cybertel.com/assets/images/animi_wp.gif
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
GIF image data, version 89a, 369 x 369\012- data
Size
9.2 MB (9191692 bytes)
Hash
2e26b61a6cad7c6795dd1dcd27ca3f8e
8bfca6689f366a642a172ad05bb58364a68616db
11a0c04c0172ef92af4d3788f24fb1e70b64379712158fc541440bdc6363153e

HTTP Headers

GET /assets/images/animi_wp.gif HTTP/1.1
Host: cybertel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cybertel.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlZNcjFrSncwbm1iekcyZUJGejc5cnc9PSIsInZhbHVlIjoiamZYVUppdXZOekpsN2tkbWRPZWx4cnV1S0lkYkhhQWJzN1wvRnp4MVwvM0ZTRkM5R25LOGtEQ1VVVTZGbDBoNnpQIiwibWFjIjoiN2Q0N2Q1MjNlZTM5MzkwZTY4N2E0NDJkNmVhMmZmYTY5ZjU0ODNlNWM1Njc2NTlhNGY2NzQwZDhmNzk3Zjc4NyJ9; webflex_session=eyJpdiI6IlhjWmZOUmJ6c2t5bUwzT2NKTFBjWnc9PSIsInZhbHVlIjoiUGNmd29NVmloemVTV2ZYalNRVkpGVEF5NFwvUFBKRHUzWGlXTkFRRDBGR05ZMXZkdDRIWkFYdndlTVhZeWRGVnAiLCJtYWMiOiIyZTAzMjA1MjI5NmQ5YzhhNDcyM2ZhZmEzYjQ5MzAwZWFiNDdlNzcwYjNjNWJjYWY2ZTAzNDBkMjE2Y2NlYTgyIn0%3D

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 18:53:00 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Mon, 02 May 2022 12:10:50 GMT
ETag: "8c410c-5de06487c14ba"
Accept-Ranges: bytes
Content-Length: 9191692
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif

play.videoo.com/VCall.webm

67.219.148.18

206 Partial Content

0 B

URL HTTP/1.1
play.videoo.com/VCall.webm
IP
67.219.148.18:0
ASN
#54455 MADEIT

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /VCall.webm HTTP/1.1
Host: play.videoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://cybertel.com/

HTTP/1.1 206 Partial Content
Date: Sat, 14 Jan 2023 18:53:00 GMT
Server: Apache/2.4.37 (AlmaLinux) OpenSSL/1.1.1k
Last-Modified: Wed, 21 Dec 2022 22:29:20 GMT
ETag: "3bcba1-5f05e1572e8ae"
Accept-Ranges: bytes
Content-Length: 3918753
Content-Range: bytes 0-3918752/3918753
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: video/webm

fonts.googleapis.com/css2?family=Stardos+Stencil:wght@700&display=swap

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Stardos+Stencil:wght@700&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Stardos+Stencil:wght@700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cybertel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 14 Jan 2023 18:52:59 GMT
date: Sat, 14 Jan 2023 18:52:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML