| bmousa.click/assets/images/fdic.png |  188.114.97.1 | 200 OK | 6.3 kB |
URL GET HTTP/3bmousa.click/assets/images/fdic.png IP188.114.97.1:443
Requested byhttps://bmousa.click/login.php CertificateIssuerGoogle Trust Services LLC Subjectbmousa.click FingerprintCE:24:CE:0B:D8:91:BD:3C:49:71:05:27:5D:54:FE:DC:DD:AA:34:24 ValiditySat, 04 May 2024 16:25:32 GMT - Fri, 02 Aug 2024 16:25:31 GMT
File typePNG image data, 200 x 200, 8-bit colormap, non-interlaced Hash1f216d4d130a1157674345d7c20e20b3 b4676bf182ac9cfe51aaf6d0709e5dfc591a3ae6 944f5f59fb5cff5bcfa135c92c8424dc678ef747a6114fbf926a59a2b07593c5
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /assets/images/fdic.png HTTP/1.1
Host: bmousa.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bmousa.click/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 06:55:48 GMT
content-type: image/png
content-length: 6323
last-modified: Thu, 25 Apr 2024 13:29:48 GMT
etag: "18b3-616ebc7f34b00"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1092
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UEqIaWO80Il4jpdSdCDcZ3Vc1A39dInTqX2ak2F2UqhhtZC2oGgP%2F5l8erstegEu1LPqex2IUBozWf6A9lEJzwJgZI6F3GgHpSt2QeT7Ksfio7A%2FKMVkk4Huv88M%2B3U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88180697bf6f56a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bmousa.click/login_files/styles.330d80deccf75709.css | 188.114.97.1 | 200 OK | 17 kB |
URL GET HTTP/3bmousa.click/login_files/styles.330d80deccf75709.css IP188.114.97.1:443
Requested byhttps://bmousa.click/login.php CertificateIssuerGoogle Trust Services LLC Subjectbmousa.click FingerprintCE:24:CE:0B:D8:91:BD:3C:49:71:05:27:5D:54:FE:DC:DD:AA:34:24 ValiditySat, 04 May 2024 16:25:32 GMT - Fri, 02 Aug 2024 16:25:31 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash0159e1a8e243f244267f294ce8e8454a 44c033e7e94693674eaa6e79604325cd94b332a2 f0629367675eb8c0b7ef8121abb171165308fdd1bb733ddd90feaec5be6c9440
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login_files/styles.330d80deccf75709.css HTTP/1.1
Host: bmousa.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bmousa.click/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 06:55:48 GMT
content-type: text/css
content-length: 17003
last-modified: Thu, 25 Apr 2024 13:29:49 GMT
etag: "18842-616ebc8028d40-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1092
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1b41bX1I8LR5CLdGhyI3diohW70wrMeopgm%2FF51tAEDuHjJazXfjcJq6DbXyGZRLC6Tpw6Lp2cVsZlMoYtaXey4%2FUEn6uV8HvKflzlM6cO%2Fpy5l7UFgc6U8I71BvKRI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88180697bf6456a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bmousa.click/assets/images/ehl.png | 188.114.97.1 | 200 OK | 6.5 kB |
URL GET HTTP/3bmousa.click/assets/images/ehl.png IP188.114.97.1:443
Requested byhttps://bmousa.click/login.php CertificateIssuerGoogle Trust Services LLC Subjectbmousa.click FingerprintCE:24:CE:0B:D8:91:BD:3C:49:71:05:27:5D:54:FE:DC:DD:AA:34:24 ValiditySat, 04 May 2024 16:25:32 GMT - Fri, 02 Aug 2024 16:25:31 GMT
File typePNG image data, 200 x 200, 8-bit colormap, non-interlaced Hashe19cb0a8ff7940341fe40ed00dada53c 6c298785abc2f256b1c1f44a211892ef73950ae0 324dfccf399348f7a1c9351a4ee814e21a37bc98895d55009b43dc1cfd1e39ba
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /assets/images/ehl.png HTTP/1.1
Host: bmousa.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bmousa.click/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 06:55:48 GMT
content-type: image/png
content-length: 6512
last-modified: Thu, 25 Apr 2024 13:29:48 GMT
etag: "1970-616ebc7f34b00"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1092
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2FDrIJWmGSqAoqqnhkJppGV37tISPtnxuLYM4eXt%2FtxOYkesXPZhZP6qZdZM48m%2B7H6wvbiLGbYjQ2ZbAWKCbJG7PDeCkmD%2F5%2BcDR%2B8S0ubKIN1TFJB6mrMkYUm7aw4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88180697bf7056a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bmousa.click/login_files/jquery.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F | 188.114.97.1 | 200 OK | 31 kB |
URL GET HTTP/3bmousa.click/login_files/jquery.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F IP188.114.97.1:443
Requested byhttps://bmousa.click/login.php CertificateIssuerGoogle Trust Services LLC Subjectbmousa.click FingerprintCE:24:CE:0B:D8:91:BD:3C:49:71:05:27:5D:54:FE:DC:DD:AA:34:24 ValiditySat, 04 May 2024 16:25:32 GMT - Fri, 02 Aug 2024 16:25:31 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hashdc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login_files/jquery.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F HTTP/1.1
Host: bmousa.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bmousa.click/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 06:55:48 GMT
content-type: application/javascript
content-length: 30910
last-modified: Thu, 25 Apr 2024 13:29:49 GMT
etag: "15d84-616ebc8028d40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JhtIZ4q6kX5VojsiYGDHqZdwQ7WKafTX52VxvCNi1cg7%2Fa9214%2FSvh7mgCkprbJ3nDnem11uCMUBwmdnjycyiv38s7c%2Ffh7GUQho0M8m725uO8Dile1xEvYSs32dI1w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88180697cf8656a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bmousa.click/assets/images/minimize_icon.svg | 188.114.97.1 | 200 OK | 29 kB |
URL GET HTTP/3bmousa.click/assets/images/minimize_icon.svg IP188.114.97.1:443
Requested byhttps://bmousa.click/login.php CertificateIssuerGoogle Trust Services LLC Subjectbmousa.click FingerprintCE:24:CE:0B:D8:91:BD:3C:49:71:05:27:5D:54:FE:DC:DD:AA:34:24 ValiditySat, 04 May 2024 16:25:32 GMT - Fri, 02 Aug 2024 16:25:31 GMT
File typeSVG Scalable Vector Graphics image Hash60268176f4a56d3f8874307e543a7e14 c8cfb12398cb22bdaa6903bdf81ee542c7932514 50fc9d4ee7cda06611bb7dc71bec1b47412333bff019d7660e16fd5bbef1a9b0
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /assets/images/minimize_icon.svg HTTP/1.1
Host: bmousa.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bmousa.click/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 06:55:48 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Apr 2024 13:29:48 GMT
etag: W/"f2-616ebc7f34b00"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=69Ng8AwlFnyDJH4nJpuxv%2FLsnKDljYAZs%2FduREYSqOBHQZrwMLJ3qBiT4ukxHTNrvw0iNK2gZJSvcJGzOKnmCp7cnVmOG4xyNxgZtN7bqXAzvaMGBOsTR0OabpRfrag%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88180697cf7c56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bmousa.click/login_files/Logo_Master-Reverse(1).svg | 188.114.97.1 | 200 OK | 30 kB |
URL GET HTTP/3bmousa.click/login_files/Logo_Master-Reverse(1).svg IP188.114.97.1:443
Requested byhttps://bmousa.click/login.php CertificateIssuerGoogle Trust Services LLC Subjectbmousa.click FingerprintCE:24:CE:0B:D8:91:BD:3C:49:71:05:27:5D:54:FE:DC:DD:AA:34:24 ValiditySat, 04 May 2024 16:25:32 GMT - Fri, 02 Aug 2024 16:25:31 GMT
File typegzip compressed data, max compression, from Unix Hash541f6f5e1f5c7fba7ec594e083e38ad0 fce2198475dad4a3c75a611747c9bf896adc256e 61e328aaf7b5ab669f0834a28544cdb2a871e225276e70b080e54cae1e1d00c3
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login_files/Logo_Master-Reverse(1).svg HTTP/1.1
Host: bmousa.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bmousa.click/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 06:55:48 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 25 Apr 2024 13:29:49 GMT
etag: W/"ef5-616ebc8028d40"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dor0OglpbDV668ndlyY5q0XLbJl6hngfngRbytDpCdOEq6peVfuwkKU2Sjbe9y%2BZZvvDxDw3u14axDgVhPtUKYeJWQOORLLnJGKb18bUXLpcMrDNVno%2BVOrAOCFuUh4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88180697bf6a56a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bmousa.click/assets/images/take-a-look-at-your-accounts.svg | 188.114.97.1 | 200 OK | 32 kB |
URL GET HTTP/3bmousa.click/assets/images/take-a-look-at-your-accounts.svg IP188.114.97.1:443
Requested byhttps://bmousa.click/login.php CertificateIssuerGoogle Trust Services LLC Subjectbmousa.click FingerprintCE:24:CE:0B:D8:91:BD:3C:49:71:05:27:5D:54:FE:DC:DD:AA:34:24 ValiditySat, 04 May 2024 16:25:32 GMT - Fri, 02 Aug 2024 16:25:31 GMT
File typegzip compressed data, max compression, from Unix Hash0f9ffbd6319a6aa4f11ce082d450bc62 269f14dd5dcfd6b30f3c679d9674da0342610c74 3248f4540bde8fb3892e59b509fc757b87b11312e12d28812a6625a8b19929dd
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /assets/images/take-a-look-at-your-accounts.svg HTTP/1.1
Host: bmousa.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bmousa.click/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 06:55:48 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 25 Apr 2024 13:29:48 GMT
etag: W/"3da2-616ebc7f34b00"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L0xFDQ%2BgNDEOKfPasAPCCqzfTNQ5%2FgczCZ8k5p2S5W7uDGJ7pkjC636xbtO%2FwO8rjoltOV0g0zin%2BVPxy2%2F8WXETQb4PVHYdHyKD6%2BxQjL5FdSQaCc3eN%2BL2WwVZHE0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88180697cf8056a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bmousa.click/login_files/Logo_Master.svg | 188.114.97.1 | 200 OK | 30 kB |
URL GET HTTP/3bmousa.click/login_files/Logo_Master.svg IP188.114.97.1:443
Requested byhttps://bmousa.click/login.php CertificateIssuerGoogle Trust Services LLC Subjectbmousa.click FingerprintCE:24:CE:0B:D8:91:BD:3C:49:71:05:27:5D:54:FE:DC:DD:AA:34:24 ValiditySat, 04 May 2024 16:25:32 GMT - Fri, 02 Aug 2024 16:25:31 GMT
File typegzip compressed data, max compression, from Unix Hash7a6f16956f9004fbe3695da906524c6c a0a2ae8971581bafa0010bfffd2339a1b45b7d6d b6e8224efaa40de032dc50a65465de1e06ed401d6cab77fe23c04f9a3617ed4e
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login_files/Logo_Master.svg HTTP/1.1
Host: bmousa.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bmousa.click/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 06:55:48 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 25 Apr 2024 13:29:49 GMT
etag: W/"ef4-616ebc8028d40"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DPalWYGC%2FzskHNWZ4BnKjNrFLIm1MxKVA1%2B8mcHMTnY%2FPm5wL0GBd8%2BiiWS68Zm62oYuavOYybAgbz9xRd2xa1jQltt5k1skoUuxa8eteOSEOuXybvTkbW1bHLEr1u0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88180697cf8256a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bmousa.click/login_files/Logo_Master-Reverse.svg | 188.114.97.1 | 200 OK | 31 kB |
URL GET HTTP/3bmousa.click/login_files/Logo_Master-Reverse.svg IP188.114.97.1:443
Requested byhttps://bmousa.click/login.php CertificateIssuerGoogle Trust Services LLC Subjectbmousa.click FingerprintCE:24:CE:0B:D8:91:BD:3C:49:71:05:27:5D:54:FE:DC:DD:AA:34:24 ValiditySat, 04 May 2024 16:25:32 GMT - Fri, 02 Aug 2024 16:25:31 GMT
File typegzip compressed data, max compression, from Unix Hash48a75738423075f9776e6fc8a0ff1bda a320948044bd30c91ab699a0367a5e2dab310fa5 ceeede219a116c0f9aa54151d12784f0c5fe42ac6e32d015afdd6988cc1640d6
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login_files/Logo_Master-Reverse.svg HTTP/1.1
Host: bmousa.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bmousa.click/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 06:55:48 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 25 Apr 2024 13:29:49 GMT
etag: W/"ef5-616ebc8028d40"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nSr5SYc26tLnLTwjozSNQjxdG1xg%2Fnmnu%2Bs7sIb7eZMZKqbI5HQ3%2BdYGlZoExjOV%2FTDdeexymq%2ByndtV9nYIBXs1i2q%2BnH1qELOLctSdu0lHhn%2FFCa5PllZf469kfzA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88180697bf6556a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bmousa.click/capco-icon-fonts.e3dce399bcb18ec3.woff | 188.114.97.1 | 200 OK | 47 kB |
URL GET HTTP/3bmousa.click/capco-icon-fonts.e3dce399bcb18ec3.woff IP188.114.97.1:443
Requested byhttps://bmousa.click/login.php CertificateIssuerGoogle Trust Services LLC Subjectbmousa.click FingerprintCE:24:CE:0B:D8:91:BD:3C:49:71:05:27:5D:54:FE:DC:DD:AA:34:24 ValiditySat, 04 May 2024 16:25:32 GMT - Fri, 02 Aug 2024 16:25:31 GMT
File typeWeb Open Font Format, TrueType, length 47132, version 0.0 Hashbdd2d7e7a2b19da123e3dd0aa2b6ba13 336b4abd79c8aa3f658c359e33bc5581955b72ad a6752fc2e494367dabaf484e095493fb7865ff58800abfc71123dc282d95b4f3
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /capco-icon-fonts.e3dce399bcb18ec3.woff HTTP/1.1
Host: bmousa.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://bmousa.click/login.php
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 06:55:48 GMT
content-type: application/font-woff
content-length: 47132
last-modified: Thu, 25 Apr 2024 13:29:48 GMT
etag: "b81c-616ebc7f34b00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l89%2BpvYFMU4iyLVogtpmgZtFDiNe17Z2lcGTt9OugDXkLBHfFI3EY9I3LTiKZzqEKsLIcBbDd52WzL7kEobjecz4eNM5fAcsR129pHYVIkahLlJTHZRRTlLpdz0TV3Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818069898b156a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bmousa.click/assets/images/close_icon.svg | 188.114.97.1 | 200 OK | 808 B |
URL GET HTTP/3bmousa.click/assets/images/close_icon.svg IP188.114.97.1:443
Requested byhttps://bmousa.click/login.php CertificateIssuerGoogle Trust Services LLC Subjectbmousa.click FingerprintCE:24:CE:0B:D8:91:BD:3C:49:71:05:27:5D:54:FE:DC:DD:AA:34:24 ValiditySat, 04 May 2024 16:25:32 GMT - Fri, 02 Aug 2024 16:25:31 GMT
File typeSVG Scalable Vector Graphics image Hash55769bc38246f79f9dbc054a8f6b2b6a 2875a364b4edac56315b647b4a80288c5425ea87 a922b34d92609202c1ade203b3d118b26264c608cea70ec506c9deda0a84978e
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /assets/images/close_icon.svg HTTP/1.1
Host: bmousa.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bmousa.click/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 06:55:48 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 25 Apr 2024 13:29:48 GMT
etag: W/"328-616ebc7f34b00"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LA%2FbMKnKB81xqoeTORDsi8wGUnNFkFyg0yrnp%2Fj7aJ24fTEEVjD6cD9KSL6XGxPqgRiUFbgh8fii%2B6jTr9s0L7wYwEIErI8VczlMCHF8CKhaUJ%2BH34aVZwhD23xcoYE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88180697cf7f56a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bmousa.click/Heebo-Regular.f807eddb777f8cc0.woff2 | 188.114.97.1 | 200 OK | 29 kB |
URL GET HTTP/3bmousa.click/Heebo-Regular.f807eddb777f8cc0.woff2 IP188.114.97.1:443
Requested byhttps://bmousa.click/login.php CertificateIssuerGoogle Trust Services LLC Subjectbmousa.click FingerprintCE:24:CE:0B:D8:91:BD:3C:49:71:05:27:5D:54:FE:DC:DD:AA:34:24 ValiditySat, 04 May 2024 16:25:32 GMT - Fri, 02 Aug 2024 16:25:31 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 28632, version 1.0 Hash0ec52131c89aec5adb27d61223543ced ec24f7cf191c89d67076361a5449cff46b81570e c8eaf794d7920f0d958001cab7b9c403efb89217b4d5c3ad648de792bc590bff
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /Heebo-Regular.f807eddb777f8cc0.woff2 HTTP/1.1
Host: bmousa.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://bmousa.click/login.php
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 06:55:48 GMT
content-length: 28632
last-modified: Thu, 25 Apr 2024 13:29:48 GMT
etag: "6fd8-616ebc7f34b00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uvaPyiTm1DF6oXz4RgBeOKncz9q377gzjGiNy5XiuCTcY7RzuVmaqsVqaqbd5EMZBCvi8H9pkH3sSDEz6fZDebvae%2F7OvRo2UfV04P3kkyT8wRlJe3SoZUxvIFZtPX0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818069898ac56a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bmousa.click/favicon.ico | 188.114.97.1 | 200 OK | 1.2 kB |
IP188.114.97.1:443
Requested byhttps://bmousa.click/login.php CertificateIssuerGoogle Trust Services LLC Subjectbmousa.click FingerprintCE:24:CE:0B:D8:91:BD:3C:49:71:05:27:5D:54:FE:DC:DD:AA:34:24 ValiditySat, 04 May 2024 16:25:32 GMT - Fri, 02 Aug 2024 16:25:31 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash98a8f6231b8840dcd15a34000539c1e0 afe1f0bf1ebc23ced559189ebc678a36ebf3729c 2e9fc0625183383670d077427884473d8b0e04ab1dc479372246fdd2334fe072
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /favicon.ico HTTP/1.1
Host: bmousa.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bmousa.click/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 06:55:48 GMT
content-type: image/vnd.microsoft.icon
last-modified: Thu, 25 Apr 2024 13:29:48 GMT
etag: W/"47e-616ebc7f34b00"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1091
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nCAk6BFMFoKXEMLcCZmUXjrNOuJ4VWhRvUCPzrfKR0RRG0jIgz1oLjX8PvNIBSjYRyEaDlfDrrvwd3Xcj1vK374aCTa48u9p2EMZbJQXecoHHRyN844sCCFsbZYm7Q8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88180699ba4656a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bmousa.click/assets/images/bmo-logo_2.svg | 188.114.97.1 | 200 OK | 2.2 kB |
URL GET HTTP/3bmousa.click/assets/images/bmo-logo_2.svg IP188.114.97.1:443
Requested byhttps://bmousa.click/login.php CertificateIssuerGoogle Trust Services LLC Subjectbmousa.click FingerprintCE:24:CE:0B:D8:91:BD:3C:49:71:05:27:5D:54:FE:DC:DD:AA:34:24 ValiditySat, 04 May 2024 16:25:32 GMT - Fri, 02 Aug 2024 16:25:31 GMT
File typeSVG Scalable Vector Graphics image Hash9ad5272aa281180ca604b472f6a20ecd 5c4fb5579743f0a859bad799c23e209e89bd8ae1 9c483d1c02a221c041f279c0d8f74301e6ec39ab666b13c6ea65314e6bea7a0a
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /assets/images/bmo-logo_2.svg HTTP/1.1
Host: bmousa.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bmousa.click/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 06:55:48 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 25 Apr 2024 13:29:48 GMT
etag: W/"89b-616ebc7f34b00"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ni9py5ery3oonlHmV0vgEQyvmeBlyF%2FZbvEBzLTIbfr5UiJfvq93Lxo9aKt1dW6CUatnCTI%2F0wvyIUmAeRzSip71MZfwFKCbllOUnEDmNybvglgaIRypwU8YyOJWhg4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88180697bf6c56a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bmousa.click/Heebo-Medium.8df563692fcd9fd0.woff2 | 188.114.97.1 | 200 OK | 29 kB |
URL GET HTTP/3bmousa.click/Heebo-Medium.8df563692fcd9fd0.woff2 IP188.114.97.1:443
Requested byhttps://bmousa.click/login.php CertificateIssuerGoogle Trust Services LLC Subjectbmousa.click FingerprintCE:24:CE:0B:D8:91:BD:3C:49:71:05:27:5D:54:FE:DC:DD:AA:34:24 ValiditySat, 04 May 2024 16:25:32 GMT - Fri, 02 Aug 2024 16:25:31 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 28596, version 1.0 Hashe1ec2e8632e031aaacebf19c22be7f94 5f477c6850c9623b37ca85115005bc8e17c99a32 6b0775312a70463baadc76ad84f408bf91b13da73fd1b2df4ea62233484d5a1e
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /Heebo-Medium.8df563692fcd9fd0.woff2 HTTP/1.1
Host: bmousa.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://bmousa.click/login.php
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 06:55:48 GMT
content-length: 28596
last-modified: Thu, 25 Apr 2024 13:29:48 GMT
etag: "6fb4-616ebc7f34b00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E6o4zZkif6e5Wdr%2Fh%2FyVij8WyLbAygVtLy8tYeB1h4ZH8ZiiVfjlnVx8hTnY2dnrYSxU9opaTqWqmt9cjT%2B%2BWkYn3cV909TRzy8pi8pCnipPt24CEqQ3%2FMiH4BSHDdA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88180698a8cc56a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| | 188.114.97.1 | 200 OK | 291 kB |
URL User Request GET HTTP/2IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectbmousa.click FingerprintCE:24:CE:0B:D8:91:BD:3C:49:71:05:27:5D:54:FE:DC:DD:AA:34:24 ValiditySat, 04 May 2024 16:25:32 GMT - Fri, 02 Aug 2024 16:25:31 GMT
Size291 kB (291184 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php HTTP/1.1
Host: bmousa.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 06:55:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kSh9P5rOYpR4%2FQULQqU2x720GGcT%2FAawb1QBDH2YrLGjy0AW0P%2BJMSPjjAvkrv1izarJDg5scbRglqu3m5H3y4RiI4KkGYUONcytiIbld7Swcwk8cO9LHQTma1cu8RQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881806946b1b7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bmousa.click/Heebo-Bold.acf14f737f7438f7.woff2 | 188.114.97.1 | 200 OK | 29 kB |
URL GET HTTP/3bmousa.click/Heebo-Bold.acf14f737f7438f7.woff2 IP188.114.97.1:443
Requested byhttps://bmousa.click/login.php CertificateIssuerGoogle Trust Services LLC Subjectbmousa.click FingerprintCE:24:CE:0B:D8:91:BD:3C:49:71:05:27:5D:54:FE:DC:DD:AA:34:24 ValiditySat, 04 May 2024 16:25:32 GMT - Fri, 02 Aug 2024 16:25:31 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 28560, version 1.0 Hashf7bc99b64b780c65fc75a44644084a6e fb0e3ded3e6072c86a3e86f94695e2576f9758f5 f2e10df61c61ac80916ace8bb9d8166788127143cfb9f189e8c3daff7727c96d
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /Heebo-Bold.acf14f737f7438f7.woff2 HTTP/1.1
Host: bmousa.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://bmousa.click/login.php
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 06:55:48 GMT
content-length: 28560
last-modified: Thu, 25 Apr 2024 13:29:48 GMT
etag: "6f90-616ebc7f34b00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K1kRjMSL0%2FDQbs%2BbSTgI2CxOxMnjZAq9vLG0bHtxhMXGkUFsIrPHF4ddvx3b%2BDsJuQUUdU9NS2DGaXnnhW3OMus9VgOUKAMfJt7J7rFoYnD%2B8jUXK80BFM1PYnm8N3U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88180698c8ef56a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bmousa.click/Heebo-Light.b37fd88770249dfa.woff2 | 188.114.97.1 | 200 OK | 28 kB |
URL GET HTTP/3bmousa.click/Heebo-Light.b37fd88770249dfa.woff2 IP188.114.97.1:443
Requested byhttps://bmousa.click/login.php CertificateIssuerGoogle Trust Services LLC Subjectbmousa.click FingerprintCE:24:CE:0B:D8:91:BD:3C:49:71:05:27:5D:54:FE:DC:DD:AA:34:24 ValiditySat, 04 May 2024 16:25:32 GMT - Fri, 02 Aug 2024 16:25:31 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 28476, version 1.0 Hash400e8b71de50f49b7b0d8677fd9d81de 9303146a35fff66540170a40ff33b0ea29a0ba79 207ee410a833bdc6e9258c826ce60b8cb26471e6fac689e18d8ea8c7c5a9b585
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /Heebo-Light.b37fd88770249dfa.woff2 HTTP/1.1
Host: bmousa.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://bmousa.click/login.php
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 06:55:48 GMT
content-length: 28476
last-modified: Thu, 25 Apr 2024 13:29:48 GMT
etag: "6f3c-616ebc7f34b00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fgRhd3yfVzHnoZT2Juc9X6S8UKQvrrWDjxUOKgGi%2Fbuzjt4C6Xkh5Y41q0%2FLl6Y5OzbuM6FRXXLzrC%2FTSb3XgPq9fJ9y8Q2SuwEMiFbMKK1bru1JtIFISHb%2BQ1fIb2s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88180698b8db56a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bmousa.click/build/b.8cc58ef1821ab39c.svg | 188.114.97.1 | 200 OK | 1.4 kB |
URL GET HTTP/3bmousa.click/build/b.8cc58ef1821ab39c.svg IP188.114.97.1:443
Requested byhttps://bmousa.click/login.php CertificateIssuerGoogle Trust Services LLC Subjectbmousa.click FingerprintCE:24:CE:0B:D8:91:BD:3C:49:71:05:27:5D:54:FE:DC:DD:AA:34:24 ValiditySat, 04 May 2024 16:25:32 GMT - Fri, 02 Aug 2024 16:25:31 GMT
File typeSVG Scalable Vector Graphics image Hashfc28cf8f2ed67f184837b61b032d72a3 ff1ce98294932d69f96cf1d8022a695ae79d06ab 796dcd946af0c1fc5766612670318808a465172b912369ebe17c04a71ef0dc8b
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /build/b.8cc58ef1821ab39c.svg HTTP/1.1
Host: bmousa.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bmousa.click/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 06:55:48 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 25 Apr 2024 13:29:48 GMT
etag: W/"5a4-616ebc7f34b00"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ik8RVYDYQ1lcEaccvzKlXqVGQaEr5DHxP9nvPo4V151UYKfLNgoNxscx%2FCRikz%2B%2F9K8DyZNSxKlcC06RaOJwACfsKFzHkXfG03LApqWTjrzXSn7bst%2BJc%2FV9z64wmMw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818069898a956a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bmousa.click/Heebo-Thin.5740d8571ba2c17c.woff2 | 188.114.97.1 | 200 OK | 28 kB |
URL GET HTTP/3bmousa.click/Heebo-Thin.5740d8571ba2c17c.woff2 IP188.114.97.1:443
Requested byhttps://bmousa.click/login.php CertificateIssuerGoogle Trust Services LLC Subjectbmousa.click FingerprintCE:24:CE:0B:D8:91:BD:3C:49:71:05:27:5D:54:FE:DC:DD:AA:34:24 ValiditySat, 04 May 2024 16:25:32 GMT - Fri, 02 Aug 2024 16:25:31 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 27808, version 1.0 Hashcf1c3a336717c93381070d238c90f782 d663d5b077c06d4bc1b8bdfe28657147bd77256a 0201b5d83335daa6995cb96075f758bb09b8ada45a736462adbc3a28f833afef
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /Heebo-Thin.5740d8571ba2c17c.woff2 HTTP/1.1
Host: bmousa.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://bmousa.click/login.php
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 06:55:48 GMT
content-length: 27808
last-modified: Thu, 25 Apr 2024 13:29:48 GMT
etag: "6ca0-616ebc7f34b00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HsykYHcvpSfKITDid3XctKN7SWfu4osb%2BOwMsLJ4sZKCitUZA1U932erDlYex0f57V1F4HZ8Nqf0vjjbWhKapjMw2XwPQqn8PmM1p5T7FZRbU5nnjol6lVJ3wBAmGmE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88180698b8d856a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bmousa.click/assets/images/Logo_Master.svg | 188.114.97.1 | 200 OK | 3.8 kB |
URL GET HTTP/3bmousa.click/assets/images/Logo_Master.svg IP188.114.97.1:443
Requested byhttps://bmousa.click/login.php CertificateIssuerGoogle Trust Services LLC Subjectbmousa.click FingerprintCE:24:CE:0B:D8:91:BD:3C:49:71:05:27:5D:54:FE:DC:DD:AA:34:24 ValiditySat, 04 May 2024 16:25:32 GMT - Fri, 02 Aug 2024 16:25:31 GMT
File typeSVG Scalable Vector Graphics image Hashcc7e515d9803f675c078fab93fb82c44 6f736baef39f70ba3c3b7eaea5179cff09c9f410 dd2573228e20a1b91a05f24f1d980e573746c94d69258d61a9a0f7f9b13ab4eb
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /assets/images/Logo_Master.svg HTTP/1.1
Host: bmousa.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bmousa.click/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 06:55:48 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 25 Apr 2024 13:29:48 GMT
etag: W/"ef4-616ebc7f34b00"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x8ik8umXOXfsiteOLpXjZoa0nZ0Dk90N2DV4RdB6KVDtpy8yeh9sJxKODw9V%2FUzBwjMXq9OA8BavQzNiTrr%2BMPy8ZvwZ%2Btxe63N3WbNv2PgAWHpJZqBLIKYwTyPx9JU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88180697bf6656a4-OSL
alt-svc: h3=":443"; ma=86400
|
|