| fgq.cyberfort-web-click.click/img/aGT3gskzWBf.ico |  172.67.132.246 | 200 OK | 619 B |
URL GET fgq.cyberfort-web-click.click/img/aGT3gskzWBf.ico IP172.67.132.246:443
Requested byhttps://fgq.cyberfort-web-click.click/ CertificateIssuerGoogle Trust Services Subjectcyberfort-web-click.click Fingerprint46:C8:A6:AD:FA:A3:67:26:B3:EE:4F:78:08:5F:1C:70:C8:EC:39:3D ValidityFri, 04 Apr 2025 05:31:43 GMT - Thu, 03 Jul 2025 06:30:07 GMT
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hash1c60b9aef9f028ac057d6fac3618e3a0 d2a8787836d950ff10e4c92e641d4f41eeb7ee0c e0ccbbdacd2e2565785a8f45dfcb75381cbb20c37981299f2d448a4838a8a399
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Facebook, Inc. |
GET /img/aGT3gskzWBf.ico HTTP/1.1
Host: fgq.cyberfort-web-click.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fgq.cyberfort-web-click.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 18 Apr 2025 11:39:54 GMT
content-type: image/x-icon
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lfx8yaxQ6%2B92LIptXmwKAsIsXRAljXmWaB2KyKUSEGrw8TSCF2dd4ln3YnImXqFlSYspHdfqQxn7O2D2jUEqfVA8tiYi3n2sZ50cCGE912S6QLxzPJ6eApfX4qhNPiijxDOzps32nPjMWRg7POq77w%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 30 Dec 2024 12:46:39 GMT
etag: W/"26b-62a7c3421cee0"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
content-encoding: br
cf-ray: 9323e2614d6b569f-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7231&min_rtt=1012&rtt_var=5263&sent=310&recv=76&lost=0&retrans=0&sent_bytes=307365&recv_bytes=5618&delivery_rate=19860&cwnd=139200&unsent_bytes=0&cid=a132c4e1a7cbd3f1&ts=1865&x=16"
|
|
| fgq.cyberfort-web-click.click/ | 172.67.132.246 | 200 OK | 4.7 kB |
URL User Request GET fgq.cyberfort-web-click.click/ IP172.67.132.246:443
CertificateIssuerGoogle Trust Services Subjectcyberfort-web-click.click Fingerprint46:C8:A6:AD:FA:A3:67:26:B3:EE:4F:78:08:5F:1C:70:C8:EC:39:3D ValidityFri, 04 Apr 2025 05:31:43 GMT - Thu, 03 Jul 2025 06:30:07 GMT
File typeHTML document, ASCII text, with very long lines (531), with CRLF line terminators Hash407b83f73c9406e273d3c08abfec68d4 44b291024c7276ac5869855b2fa4b7ac047bf65a ad67a35e46f74d5d944ea5ecf04688b3945b094ed1bd25bee0a8cb947f256ace
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Facebook, Inc. |
| NIDS | Severity | Alert |
|---|
| suricata | low | ETPRO INFO HTTP Request to a *.click domain |
GET / HTTP/1.1
Host: fgq.cyberfort-web-click.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 18 Apr 2025 11:39:53 GMT
content-type: text/html
server: cloudflare
last-modified: Sun, 23 Feb 2025 17:38:19 GMT
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9323e25579780b59-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fgq.cyberfort-web-click.click/img/index.png | 172.67.132.246 | 200 OK | 291 kB |
URL GET fgq.cyberfort-web-click.click/img/index.png IP172.67.132.246:443
Requested byhttps://fgq.cyberfort-web-click.click/ CertificateIssuerGoogle Trust Services Subjectcyberfort-web-click.click Fingerprint46:C8:A6:AD:FA:A3:67:26:B3:EE:4F:78:08:5F:1C:70:C8:EC:39:3D ValidityFri, 04 Apr 2025 05:31:43 GMT - Thu, 03 Jul 2025 06:30:07 GMT
File typePNG image data, 1280 x 720, 8-bit/color RGB, non-interlaced Size291 kB (290709 bytes) Hash69420a815d5b7ea73b194b06b8fbc47a 8d0efe799fded9a2a76746f1f532b1ba1dd66fe5 b758abaf7fd47d3988a636e8e76bc0323dbfa6f3e175688c542b8c3b447eda5a
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Facebook, Inc. |
GET /img/index.png HTTP/1.1
Host: fgq.cyberfort-web-click.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fgq.cyberfort-web-click.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 18 Apr 2025 11:39:54 GMT
content-type: image/png
content-length: 290709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bl1d%2FJclU1ukjX6GGBZjxt1CUQMZa3uhwNXDvsnPXvaBpVT84ZC8KTGAKmYnjfI29tZ6JCf5AYgATkmf6sjVTwtpLSOzQTsq%2FSmVV1mIgB19sRiQu6%2B1depoABRr5Fr6XqGA%2BOEHUWVU54E%2B6ulXyA%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 27 Dec 2024 06:40:34 GMT
etag: "46f95-62a3abd69a3b5"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
cf-ray: 9323e25d3d32569f-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11089&min_rtt=1012&rtt_var=9301&sent=54&recv=66&lost=0&retrans=0&sent_bytes=5968&recv_bytes=4673&delivery_rate=2168&cwnd=12000&unsent_bytes=0&cid=a132c4e1a7cbd3f1&ts=1204&x=16"
|
|
| fgq.cyberfort-web-click.click/js/index.js | 172.67.132.246 | 404 Not Found | 315 B |
URL GET fgq.cyberfort-web-click.click/js/index.js IP172.67.132.246:443
Requested byhttps://fgq.cyberfort-web-click.click/ CertificateIssuerGoogle Trust Services Subjectcyberfort-web-click.click Fingerprint46:C8:A6:AD:FA:A3:67:26:B3:EE:4F:78:08:5F:1C:70:C8:EC:39:3D ValidityFri, 04 Apr 2025 05:31:43 GMT - Thu, 03 Jul 2025 06:30:07 GMT
File typeHTML document, ASCII text Hash75299dd21816b0c9c526617847b13794 3e29b349a70ef2f9547d6277b29d3419614b6754 9035f43b4d43ce0e3444f88819d6847ded253c623943432afcfb25ad705e63ca
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Facebook, Inc. |
GET /js/index.js HTTP/1.1
Host: fgq.cyberfort-web-click.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fgq.cyberfort-web-click.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 18 Apr 2025 11:39:54 GMT
content-type: text/html; charset=iso-8859-1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2FTFymZXLK5C89FDKhSL5h1Ux8dBEf%2F5pDGD%2BDQ0s8P%2FtDkYDaSG7fI5Yyq3BRsUq94ovLqBmf%2FsUMdGYY4KhQ9%2BK58qzKyq96YwJxjBkgb9JieS%2BpkK3E9BhPXPjYN7dWDhIOwhiYqZfxHK5ypvbg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-cache-status: EXPIRED
content-encoding: br
cf-ray: 9323e25d1d2d569f-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7366&min_rtt=1012&rtt_var=5596&sent=305&recv=72&lost=0&retrans=0&sent_bytes=305507&recv_bytes=4942&delivery_rate=23293578&cwnd=139200&unsent_bytes=0&cid=a132c4e1a7cbd3f1&ts=1231&x=16"
|
|
| fgq.cyberfort-web-click.click/css/index.css | 172.67.132.246 | 404 Not Found | 315 B |
URL GET fgq.cyberfort-web-click.click/css/index.css IP172.67.132.246:443
Requested byhttps://fgq.cyberfort-web-click.click/ CertificateIssuerGoogle Trust Services Subjectcyberfort-web-click.click Fingerprint46:C8:A6:AD:FA:A3:67:26:B3:EE:4F:78:08:5F:1C:70:C8:EC:39:3D ValidityFri, 04 Apr 2025 05:31:43 GMT - Thu, 03 Jul 2025 06:30:07 GMT
File typeHTML document, ASCII text Hash75299dd21816b0c9c526617847b13794 3e29b349a70ef2f9547d6277b29d3419614b6754 9035f43b4d43ce0e3444f88819d6847ded253c623943432afcfb25ad705e63ca
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Facebook, Inc. |
GET /css/index.css HTTP/1.1
Host: fgq.cyberfort-web-click.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fgq.cyberfort-web-click.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 18 Apr 2025 11:39:54 GMT
content-type: text/html; charset=iso-8859-1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VM5ph32TrcRqxS9U3LljAqgoSByNRSnqSStOrDO%2FgwSuGQWPWkvV9QOzJ8rEr0alY3m56Sb9OGBxHRoyG91BP3L6H7idrcBGBSqIi9BoU%2FcPcfOoVa3NHR3JyyPD1BR1oIZiVN5cW0COsLqf%2BbtCjw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 9323e25d3d30569f-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7841&min_rtt=1012&rtt_var=7147&sent=133&recv=70&lost=0&retrans=0&sent_bytes=99568&recv_bytes=4851&delivery_rate=6591905&cwnd=52800&unsent_bytes=0&cid=a132c4e1a7cbd3f1&ts=1218&x=16"
|
|
| fgq.cyberfort-web-click.click/css/index.css | 172.67.132.246 | 404 Not Found | 315 B |
URL GET fgq.cyberfort-web-click.click/css/index.css IP172.67.132.246:443
Requested byhttps://fgq.cyberfort-web-click.click/ CertificateIssuerGoogle Trust Services Subjectcyberfort-web-click.click Fingerprint46:C8:A6:AD:FA:A3:67:26:B3:EE:4F:78:08:5F:1C:70:C8:EC:39:3D ValidityFri, 04 Apr 2025 05:31:43 GMT - Thu, 03 Jul 2025 06:30:07 GMT
File typeHTML document, ASCII text Hash75299dd21816b0c9c526617847b13794 3e29b349a70ef2f9547d6277b29d3419614b6754 9035f43b4d43ce0e3444f88819d6847ded253c623943432afcfb25ad705e63ca
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Facebook, Inc. |
GET /css/index.css HTTP/1.1
Host: fgq.cyberfort-web-click.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fgq.cyberfort-web-click.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 18 Apr 2025 11:39:54 GMT
content-type: text/html; charset=iso-8859-1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kTP21n7XWXLd7zrmh2eInc7tO9FFVE49PUz4J31%2BiDE6OuZyA9uNDuAHFBPg3E63Vaeb699swsKjVi0kz0BF3cpKjmKq35W3WZtCReqiK3S0gpSaSBZW6wRyVqRf%2BpkJL%2BH05%2FNnKGWQlDzN5koFpA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
content-encoding: br
cf-ray: 9323e260dd64569f-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6685&min_rtt=1012&rtt_var=5560&sent=308&recv=74&lost=0&retrans=0&sent_bytes=306456&recv_bytes=5274&delivery_rate=6540206&cwnd=139200&unsent_bytes=0&cid=a132c4e1a7cbd3f1&ts=1322&x=16"
|
|