cybefreports.gymkeeper.fi Open in urlscan Pro
64.227.21.223 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cybefreports.gymkeeper.fi/
Submission Tags: phishingrod
Submission: On September 04 via api (September 4th 2024, 5:16:20 am UTC) from DE — Scanned from FI

Summary HTTP 10 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 64.227.21.223, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is cybefreports.gymkeeper.fi.
TLS certificate: Issued by E6 on September 3rd 2024. Valid for: 3 months.

This is the only time cybefreports.gymkeeper.fi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
4	64.227.21.223 64.227.21.223		14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	185.123.118.114 185.123.118.114		29422 (NBLNETWOR...) (NBLNETWORKS-AS Telia Cygate Oy)
1	172.64.147.188 172.64.147.188		13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	4

4 64.227.21.223 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cybefreports.gymkeeper.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.123.118.114 (Finland)

ASN29422 (NBLNETWORKS-AS Telia Cygate Oy, FI)
PTR: hel1-185-123-118-114.ext.nebulacloud.fi

www.padadisegyms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.147.188 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	padadisegyms.com www.padadisegyms.com	601 KB
4	gymkeeper.fi cybefreports.gymkeeper.fi	4 KB
1	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 13950	29 KB
10	3

	Domain	Requested by
4	www.padadisegyms.com	cybefreports.gymkeeper.fi
4	cybefreports.gymkeeper.fi	cybefreports.gymkeeper.fi
1	pro.fontawesome.com	cybefreports.gymkeeper.fi
10	3

This site contains no links.

Subject Issuer	Validity	Valid
cybefreports.gymkeeper.fi E6	`2024-09-03` - `2024-12-02`	3 months	crt.sh
padadisegyms.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-08` - `2024-10-07`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://cybefreports.gymkeeper.fi/
Frame ID: 32B67C80F07883372C0E30C5FB3DE66F
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Padadise Gyms | Error 404 - Page not found

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

10
Requests

90 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

635 kB
Transfer

943 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response cybefreports.gymkeeper.fi/	2 KB 1 KB	2671ms 299ms	Document text/html	64.227.21.223 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://cybefreports.gymkeeper.fi/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.227.21.223 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Caddy / Resource Hash `fddab018a29dc90f9ad685b7b8f257cc15ba7546b49224a30232866f498a6793` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 1049 content-type text/html; charset="UTF-8" date Wed, 04 Sep 2024 05:16:14 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Caddy vary Accept-Encoding
GET H/1.1	200 OK	bootstrap.css www.padadisegyms.com//assets/landing/css/	127 KB 19 KB	507ms 203ms	Stylesheet text/css	185.123.118.114 NBLNETWORKS-AS Te...
General Check archive.org Show headers Download Go to Full URL https://www.padadisegyms.com//assets/landing/css/bootstrap.css Requested by Host: cybefreports.gymkeeper.fi URL: https://cybefreports.gymkeeper.fi/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.123.118.114 , Finland, ASN29422 (NBLNETWORKS-AS Telia Cygate Oy, FI), Reverse DNS hel1-185-123-118-114.ext.nebulacloud.fi Software Apache/2.4.29 (Ubuntu) / Resource Hash `863a76afff586705cb1dc4dbed96800317ac79631463e9db8a2d122b0d7d3aa4` Request headers Referer https://cybefreports.gymkeeper.fi/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 05:16:14 GMT Content-Encoding gzip Last-Modified Sat, 07 Sep 2019 08:52:22 GMT Server Apache/2.4.29 (Ubuntu) ETag "1fcdd-591f2ac50405c-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 18673
GET H/1.1	200 OK	entypo.css www.padadisegyms.com//assets/landing/css/font-icons/entypo/css/	17 KB 4 KB	506ms 206ms	Stylesheet text/css	185.123.118.114 NBLNETWORKS-AS Te...
General Check archive.org Show headers Download Go to Full URL https://www.padadisegyms.com//assets/landing/css/font-icons/entypo/css/entypo.css Requested by Host: cybefreports.gymkeeper.fi URL: https://cybefreports.gymkeeper.fi/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.123.118.114 , Finland, ASN29422 (NBLNETWORKS-AS Telia Cygate Oy, FI), Reverse DNS hel1-185-123-118-114.ext.nebulacloud.fi Software Apache/2.4.29 (Ubuntu) / Resource Hash `58820cb68dfc11a83c4b797fcef209dcd1352239db0c29e001ce72f29d669211` Request headers Referer https://cybefreports.gymkeeper.fi/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 05:16:14 GMT Content-Encoding gzip Last-Modified Sat, 07 Sep 2019 08:52:22 GMT Server Apache/2.4.29 (Ubuntu) ETag "45f5-591f2ac50405c-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 3664
GET H2	200	all.css pro.fontawesome.com/releases/v5.10.2/css/	153 KB 29 KB	1414ms 641ms	Stylesheet text/css	172.64.147.188 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pro.fontawesome.com/releases/v5.10.2/css/all.css Requested by Host: cybefreports.gymkeeper.fi URL: https://cybefreports.gymkeeper.fi/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c216b139b980f09ffe1903d9af52f16626ac0ba39eec345d63c8f6a27711bd01` Request headers Referer https://cybefreports.gymkeeper.fi/ Origin https://cybefreports.gymkeeper.fi User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 04 Sep 2024 05:16:15 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 28 Jun 2021 16:57:34 GMT server cloudflare x-amz-request-id KXG59X8PG8Q0RKS4 etag W/"0a3e10729341a6fb072f5f342e9721c4" access-control-max-age 3000 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET access-control-allow-origin * content-type text/css cache-control max-age=31556926 cf-ray 8bdb81a3be458d72-HEL x-amz-id-2 e3HahJShqvMIApg1sxlEPjBnv3rNE8mOjIhJDpLQcczrzOINkqC58rm0wxGRWpuIh6EpJfNz8DH4W0cIFHtwRO4aBwHD1j/hPm7FKbDGB0g=
GET H/1.1	200 OK	neon.css www.padadisegyms.com//assets/landing/css/	51 KB 7 KB	506ms 203ms	Stylesheet text/css	185.123.118.114 NBLNETWORKS-AS Te...
General Check archive.org Show headers Download Go to Full URL https://www.padadisegyms.com//assets/landing/css/neon.css Requested by Host: cybefreports.gymkeeper.fi URL: https://cybefreports.gymkeeper.fi/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.123.118.114 , Finland, ASN29422 (NBLNETWORKS-AS Telia Cygate Oy, FI), Reverse DNS hel1-185-123-118-114.ext.nebulacloud.fi Software Apache/2.4.29 (Ubuntu) / Resource Hash `26cac5a8873f58bb7bc569ff2ae118ff1100a66291587ba7da1bf8f9f979d012` Request headers Referer https://cybefreports.gymkeeper.fi/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 05:16:14 GMT Content-Encoding gzip Last-Modified Sun, 08 Sep 2019 08:34:38 GMT Server Apache/2.4.29 (Ubuntu) ETag "ca82-592068ab50652-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 6671
GET H/1.1	200 OK	404.png www.padadisegyms.com//assets/landing/images/	585 KB 572 KB	505ms 202ms	Image image/png	185.123.118.114 NBLNETWORKS-AS Te...
General Check archive.org Show headers Download Go to Show image Full URL https://www.padadisegyms.com//assets/landing/images/404.png Requested by Host: cybefreports.gymkeeper.fi URL: https://cybefreports.gymkeeper.fi/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.123.118.114 , Finland, ASN29422 (NBLNETWORKS-AS Telia Cygate Oy, FI), Reverse DNS hel1-185-123-118-114.ext.nebulacloud.fi Software Apache/2.4.29 (Ubuntu) / Resource Hash `bb4b0a0a0463a8c79c2a3094bd45539d35f53c10d5ce800360113808d3cde28b` Request headers Referer https://cybefreports.gymkeeper.fi/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 05:16:14 GMT Content-Encoding gzip Last-Modified Sat, 07 Sep 2019 08:52:22 GMT Server Apache/2.4.29 (Ubuntu) ETag "924c0-591f2ac52151c-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100
GET H2	200	TweenMax.min.js Show response cybefreports.gymkeeper.fi/assets/neon/js/gsap/	2 KB 1 KB	283ms 283ms	Script text/html	64.227.21.223 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://cybefreports.gymkeeper.fi/assets/neon/js/gsap/TweenMax.min.js Requested by Host: cybefreports.gymkeeper.fi URL: https://cybefreports.gymkeeper.fi/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.227.21.223 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Caddy / Resource Hash `2db13dd80da4de48fc47e59fa90bd655864650ec1213ebfb482c2db700b23475` Request headers Referer https://cybefreports.gymkeeper.fi/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 04 Sep 2024 05:16:14 GMT content-encoding gzip server Caddy vary Accept-Encoding content-type text/html; charset="UTF-8" cache-control no-store, no-cache, must-revalidate content-length 1037 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	jquery-ui-1.10.3.minimal.min.js Show response cybefreports.gymkeeper.fi/assets/neon/js/jquery-ui/js/	2 KB 1 KB	263ms 263ms	Script text/html	64.227.21.223 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://cybefreports.gymkeeper.fi/assets/neon/js/jquery-ui/js/jquery-ui-1.10.3.minimal.min.js Requested by Host: cybefreports.gymkeeper.fi URL: https://cybefreports.gymkeeper.fi/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.227.21.223 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Caddy / Resource Hash `2db13dd80da4de48fc47e59fa90bd655864650ec1213ebfb482c2db700b23475` Request headers Referer https://cybefreports.gymkeeper.fi/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 04 Sep 2024 05:16:14 GMT content-encoding gzip server Caddy vary Accept-Encoding content-type text/html; charset="UTF-8" cache-control no-store, no-cache, must-revalidate content-length 1037 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	bootstrap.min.js Show response cybefreports.gymkeeper.fi/assets/neon/js/	2 KB 1 KB	264ms 264ms	Script text/html	64.227.21.223 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://cybefreports.gymkeeper.fi/assets/neon/js/bootstrap.min.js Requested by Host: cybefreports.gymkeeper.fi URL: https://cybefreports.gymkeeper.fi/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.227.21.223 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Caddy / Resource Hash `2db13dd80da4de48fc47e59fa90bd655864650ec1213ebfb482c2db700b23475` Request headers Referer https://cybefreports.gymkeeper.fi/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 04 Sep 2024 05:16:14 GMT content-encoding gzip server Caddy vary Accept-Encoding content-type text/html; charset="UTF-8" cache-control no-store, no-cache, must-revalidate content-length 1037 expires Thu, 19 Nov 1981 08:52:00 GMT
GET		favicon.ico www.padadisegyms.com/assets/images/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.padadisegyms.com
URL: https://www.padadisegyms.com/assets/images/favicon.ico

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cybefreports.gymkeeper.fi/	1970-01-20 23:17:49	Name: PHPSESSID Value: 29pugnqq6krd6jpl37537bim6a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cybefreports.gymkeeper.fi
pro.fontawesome.com
www.padadisegyms.com
www.padadisegyms.com
172.64.147.188
185.123.118.114
64.227.21.223
26cac5a8873f58bb7bc569ff2ae118ff1100a66291587ba7da1bf8f9f979d012
2db13dd80da4de48fc47e59fa90bd655864650ec1213ebfb482c2db700b23475
58820cb68dfc11a83c4b797fcef209dcd1352239db0c29e001ce72f29d669211
863a76afff586705cb1dc4dbed96800317ac79631463e9db8a2d122b0d7d3aa4
bb4b0a0a0463a8c79c2a3094bd45539d35f53c10d5ce800360113808d3cde28b
c216b139b980f09ffe1903d9af52f16626ac0ba39eec345d63c8f6a27711bd01
fddab018a29dc90f9ad685b7b8f257cc15ba7546b49224a30232866f498a6793