| bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn | 165.227.188.220 | 200 OK | 3.4 kB |
URL: bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn (User Request, GET, HTTP/1.1)
IP: 165.227.188.220:443
ASN: #14061 DIGITALOCEAN-ASN
Certificate: Issuer: Sectigo Limited; Subject: loclx.io; Fingerprint: 4F:C4:6B:BA:E1:C2:F4:B1:EB:2B:6B:7C:A5:0C:36:69:00:61:8D:2A; Validity: Wed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 425ee35d9f86d4f37742690bff5ad0e6 b2f91b3bc9acd763b212d6515a9a4774d600cc50 62a69d24b06c1efa5762102f5459769c0d2e5e9ee53372394f936c433d74ff2b
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Salesforce
GET /bf/o/web/login.php?web/auth/SignOn HTTP/1.1
Host: bfwroa.loclx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 3419
Content-Type: text/html; charset=UTF-8
Date: Thu, 28 Mar 2024 20:27:55 GMT
Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
X-Powered-By: PHP/8.2.12
|
|
| bfwroa.loclx.io/bf/o/web/bo1_files/jquery-3.3.1.min.js | 165.227.188.220 | 404 Not Found | 303 B |
URL: bfwroa.loclx.io/bf/o/web/bo1_files/jquery-3.3.1.min.js (GET, HTTP/1.1)
IP: 165.227.188.220:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Certificate: Issuer: Sectigo Limited; Subject: loclx.io; Fingerprint: 4F:C4:6B:BA:E1:C2:F4:B1:EB:2B:6B:7C:A5:0C:36:69:00:61:8D:2A; Validity: Wed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text
Hash: cb1309782630a5dc3ee5fbeb33b1fcfb 7562949a3f799e27f85f236136da805b62f706d2 d15d1c358335f75782b540a8ba09228040dd5f8dbe1126b29d09c34fee8e930f
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Salesforce
GET /bf/o/web/bo1_files/jquery-3.3.1.min.js HTTP/1.1
Host: bfwroa.loclx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Length: 303
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 28 Mar 2024 20:27:55 GMT
Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
|
|
| bfwroa.loclx.io/bf/o/web/assets/css/csspage.css | 165.227.188.220 | 200 OK | 2.9 kB |
URL: bfwroa.loclx.io/bf/o/web/assets/css/csspage.css (GET, HTTP/1.1)
IP: 165.227.188.220:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Certificate: Issuer: Sectigo Limited; Subject: loclx.io; Fingerprint: 4F:C4:6B:BA:E1:C2:F4:B1:EB:2B:6B:7C:A5:0C:36:69:00:61:8D:2A; Validity: Wed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT
File type: ASCII text, with CRLF line terminators
Hash: a6aa19349cf5fb482bcf123a0fdf7a29 9f99d723172a1581f7f1f536a2a56d76d9e68607 7a4b361a1347514a67c5d0c8b60924ee9d3b6452a4aaf0f364fe380522a8069b
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Salesforce
GET /bf/o/web/assets/css/csspage.css HTTP/1.1
Host: bfwroa.loclx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 2924
Content-Type: text/css
Date: Thu, 28 Mar 2024 20:27:55 GMT
Etag: "b6c-5f3cdd4778080"
Last-Modified: Fri, 03 Feb 2023 16:04:02 GMT
Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
|
|
| bfwroa.loclx.io/bf/o/web/assets/js/popper.min.js | 165.227.188.220 | 404 Not Found | 303 B |
URL: bfwroa.loclx.io/bf/o/web/assets/js/popper.min.js (GET, HTTP/1.1)
IP: 165.227.188.220:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Certificate: Issuer: Sectigo Limited; Subject: loclx.io; Fingerprint: 4F:C4:6B:BA:E1:C2:F4:B1:EB:2B:6B:7C:A5:0C:36:69:00:61:8D:2A; Validity: Wed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text
Hash: cb1309782630a5dc3ee5fbeb33b1fcfb 7562949a3f799e27f85f236136da805b62f706d2 d15d1c358335f75782b540a8ba09228040dd5f8dbe1126b29d09c34fee8e930f
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Salesforce
GET /bf/o/web/assets/js/popper.min.js HTTP/1.1
Host: bfwroa.loclx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Length: 303
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 28 Mar 2024 20:27:55 GMT
Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
|
|
| bfwroa.loclx.io/bf/o/web/assets/js/bootstrap.min.js | 165.227.188.220 | 404 Not Found | 303 B |
URL: bfwroa.loclx.io/bf/o/web/assets/js/bootstrap.min.js (GET, HTTP/1.1)
IP: 165.227.188.220:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Certificate: Issuer: Sectigo Limited; Subject: loclx.io; Fingerprint: 4F:C4:6B:BA:E1:C2:F4:B1:EB:2B:6B:7C:A5:0C:36:69:00:61:8D:2A; Validity: Wed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text
Hash: cb1309782630a5dc3ee5fbeb33b1fcfb 7562949a3f799e27f85f236136da805b62f706d2 d15d1c358335f75782b540a8ba09228040dd5f8dbe1126b29d09c34fee8e930f
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Salesforce
GET /bf/o/web/assets/js/bootstrap.min.js HTTP/1.1
Host: bfwroa.loclx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Length: 303
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 28 Mar 2024 20:27:55 GMT
Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
|
|
| bfwroa.loclx.io/bf/o/web/assets/css/bootstrap.min.css | 165.227.188.220 | 200 OK | 195 kB |
URL: bfwroa.loclx.io/bf/o/web/assets/css/bootstrap.min.css (GET, HTTP/1.1)
IP: 165.227.188.220:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Certificate: Issuer: Sectigo Limited; Subject: loclx.io; Fingerprint: 4F:C4:6B:BA:E1:C2:F4:B1:EB:2B:6B:7C:A5:0C:36:69:00:61:8D:2A; Validity: Wed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (65305)
Size: 195 kB (194901 bytes)
Hash: 025df1ec88740cad5ff14bb3380da6dd 7abed070e37ce060c0a561575f1d41a7f248fc74 2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Salesforce
GET /bf/o/web/assets/css/bootstrap.min.css HTTP/1.1
Host: bfwroa.loclx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 194901
Content-Type: text/css
Date: Thu, 28 Mar 2024 20:27:55 GMT
Etag: "2f955-5f3cdd4778080"
Last-Modified: Fri, 03 Feb 2023 16:04:02 GMT
Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
|
|
| bfwroa.loclx.io/bf/o/web/assets/css/bootstrap.css | 165.227.188.220 | 200 OK | 238 kB |
URL: bfwroa.loclx.io/bf/o/web/assets/css/bootstrap.css (GET, HTTP/1.1)
IP: 165.227.188.220:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Certificate: Issuer: Sectigo Limited; Subject: loclx.io; Fingerprint: 4F:C4:6B:BA:E1:C2:F4:B1:EB:2B:6B:7C:A5:0C:36:69:00:61:8D:2A; Validity: Wed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (560)
Size: 238 kB (237994 bytes)
Hash: 43013d33bcecf0f1195aa58c7a0926b6 a8c91d112694af515388900703e8e2095f2ae9f4 cc74cfe73f80433ea003bd9ece71dfd6ba6f9698b770b6ee2139345c72a5989c
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Salesforce
GET /bf/o/web/assets/css/bootstrap.css HTTP/1.1
Host: bfwroa.loclx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 237994
Content-Type: text/css
Date: Thu, 28 Mar 2024 20:27:55 GMT
Etag: "3a1aa-5f3cddd2b4900"
Last-Modified: Fri, 03 Feb 2023 16:06:28 GMT
Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
|
|
| message.bankofamerica.com/onlinebanking_demo/mobileApp_Simulator/modules/signin/images/signin_checkbox@2x.png | 152.199.21.168 | | 737 B |
URL: message.bankofamerica.com/onlinebanking_demo/mobileApp_Simulator/modules/signin/images/signin_checkbox@2x.png (GET)
IP: 152.199.21.168:0
Requested by: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Certificate: Issuer: Entrust, Inc.; Subject: about.bankofamerica.com; Fingerprint: C6:9D:0B:EF:9E:02:58:35:B1:9F:59:2E:4D:79:A3:A3:B2:66:4C:4B; Validity: Mon, 29 Jan 2024 21:47:07 GMT - Fri, 28 Feb 2025 21:47:06 GMT
File type: PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced
Hash: 8cf9bdaa3214814bc04eeb3fc1be2c1e df3bc9c2ef36617eebc048b6a5e252959152ca48 42e54051d3edb9d5be556cc9e56177ec4a47ab868451a249e01f70869e0ac0cc
GET /onlinebanking_demo/mobileApp_Simulator/modules/signin/images/signin_checkbox@2x.png HTTP/1.1
Host: message.bankofamerica.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bfwroa.loclx.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-credentials: true
age: 323104
cache-control: no-cache
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' http: https: data: blob: ws: *.bankofamerica.com *.ml.com institute1.bofa.com bcbolt446c5271-a.akamaihd.net bcsecure01-a.akamaihd.net brightcove04pmdo-a.akamaihd.net hlsak-a.akamaihd.net hslsslak-a.akamaihd.net www.ustrust.ml.bac-assets.com www1.bac-assets.com c.betrad.com cf-images.us-east-1.prod.boltdns.net manifest.prod.boltdns.net edge.api.brightcove.com metrics.brightcove.com sadmin.brightcove.com secure.brightcove.com players.brightcove.net api.company-target.com cdn.cookielaw.org data.coremetrics.com iocdn.coremetrics.com libs.coremetrics.com mc.coremetrics.com mcdata.coremetrics.com mktgcdn.coremetrics.com recs.coremetrics.com test.coremetrics.com testdata.coremetrics.com tmscdn.coremetrics.com dpm.demdex.net 1359940.fls.doubleclick.net www.glance.net storage.glancecdn.net www.glancecdn.net www.myglance.net cobrowse-location.glance.net s1056.glance.net www-bofa.myglance.net cdn-bofa.myglance.net googleads.g.doubleclick.net stats.g.doubleclick.net c.evidon.com dgcollector.evidon.com l.evidon.com www.facebook.com adservice.google.com cct.google.com www.google.com www.googleadservices.com www.google-analytics.com maps.googleapis.com www.googletagmanager.com maps.gstatic.com dc.ads.linkedin.com etui.fs.ml.com rg.ml.com bankofamerica.tt.omtrdc.net cdn.tt.omtrdc.net mboxedge34.tt.omtrdc.net akamai.tiqcdn.com tags.tiqcdn.com analytics.twitter.com vjs.zencdn.net cdnapisec.kaltura.com analytics.kaltura.com cfvod.kaltura.com geolocation.onetrust.com *.glance.net assets.adobedtm.com;font-src 'self' http: https: vjs.zencdn.net data:;
content-type: image/png
date: Thu, 28 Mar 2024 20:27:56 GMT
etag: "2ca-61377d4d48f40-gzip"
expires: Wed, 29 Mar 2023 20:27:56 GMT
last-modified: Tue, 12 Mar 2024 14:54:13 GMT
server: ECAcc (ska/F692)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-ua-compatible: IE=Edge, IE=Edge
x-xss-protection: 1; mode=block
content-length: 737
X-Firefox-Spdy: h2
|
|
| bfwroa.loclx.io/bf/o/web/assets/img/banner_bofa_295x29_2x.png | 165.227.188.220 | 200 OK | 19 kB |
URL: bfwroa.loclx.io/bf/o/web/assets/img/banner_bofa_295x29_2x.png (GET, HTTP/1.1)
IP: 165.227.188.220:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Certificate: Issuer: Sectigo Limited; Subject: loclx.io; Fingerprint: 4F:C4:6B:BA:E1:C2:F4:B1:EB:2B:6B:7C:A5:0C:36:69:00:61:8D:2A; Validity: Wed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT
File type: PNG image data, 590 x 58, 8-bit/color RGBA, non-interlaced
Hash: fd545cd4ba71d2046833bf905817dfdd 451b50987601c9f039fe052c15258aba3b2005df c701cb550ff6d8665b5c330c3fca253b06b62fbdadfc4e77307c00e8911dd672
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Salesforce
GET /bf/o/web/assets/img/banner_bofa_295x29_2x.png HTTP/1.1
Host: bfwroa.loclx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 19345
Content-Type: image/png
Date: Thu, 28 Mar 2024 20:27:56 GMT
Etag: "4b91-5f3cdd4778080"
Last-Modified: Fri, 03 Feb 2023 16:04:02 GMT
Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
|
|
| bfwroa.loclx.io/bf/o/web/assets/js/popper.min.js | 165.227.188.220 | 404 Not Found | 303 B |
URL: bfwroa.loclx.io/bf/o/web/assets/js/popper.min.js (GET, HTTP/1.1)
IP: 165.227.188.220:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Certificate: Issuer: Sectigo Limited; Subject: loclx.io; Fingerprint: 4F:C4:6B:BA:E1:C2:F4:B1:EB:2B:6B:7C:A5:0C:36:69:00:61:8D:2A; Validity: Wed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text
Hash: cb1309782630a5dc3ee5fbeb33b1fcfb 7562949a3f799e27f85f236136da805b62f706d2 d15d1c358335f75782b540a8ba09228040dd5f8dbe1126b29d09c34fee8e930f
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Salesforce
GET /bf/o/web/assets/js/popper.min.js HTTP/1.1
Host: bfwroa.loclx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Length: 303
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 28 Mar 2024 20:27:56 GMT
Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
|
|
| bfwroa.loclx.io/bf/o/web/assets/img/fp_quad_ads.png | 165.227.188.220 | 200 OK | 22 kB |
URL: bfwroa.loclx.io/bf/o/web/assets/img/fp_quad_ads.png (GET, HTTP/1.1)
IP: 165.227.188.220:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Certificate: Issuer: Sectigo Limited; Subject: loclx.io; Fingerprint: 4F:C4:6B:BA:E1:C2:F4:B1:EB:2B:6B:7C:A5:0C:36:69:00:61:8D:2A; Validity: Wed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT
File type: PNG image data, 750 x 426, 8-bit colormap, non-interlaced
Hash: d5bf2fc8fed34b57a5c5eccced3e53f0 6e19671fcbe330f186e8898a55f330dab2d0161c 86926e766f8e6fab9300839f617b05235b66c6956fa8403735fdd8b90835609a
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Salesforce
GET /bf/o/web/assets/img/fp_quad_ads.png HTTP/1.1
Host: bfwroa.loclx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 21761
Content-Type: image/png
Date: Thu, 28 Mar 2024 20:27:56 GMT
Etag: "5501-5f3cdd4778080"
Last-Modified: Fri, 03 Feb 2023 16:04:02 GMT
Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
|
|
| bfwroa.loclx.io/bf/o/web/assets/js/bootstrap.min.js | 165.227.188.220 | 404 Not Found | 303 B |
URL: bfwroa.loclx.io/bf/o/web/assets/js/bootstrap.min.js (GET, HTTP/1.1)
IP: 165.227.188.220:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Certificate: Issuer: Sectigo Limited; Subject: loclx.io; Fingerprint: 4F:C4:6B:BA:E1:C2:F4:B1:EB:2B:6B:7C:A5:0C:36:69:00:61:8D:2A; Validity: Wed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text
Hash: cb1309782630a5dc3ee5fbeb33b1fcfb 7562949a3f799e27f85f236136da805b62f706d2 d15d1c358335f75782b540a8ba09228040dd5f8dbe1126b29d09c34fee8e930f
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Salesforce
GET /bf/o/web/assets/js/bootstrap.min.js HTTP/1.1
Host: bfwroa.loclx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Length: 303
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 28 Mar 2024 20:27:56 GMT
Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
|
|
| clientbackarea.site/bo_files/lib/pics/favi.png | 0.0.0.0 | | 0 B |
URL: clientbackarea.site/bo_files/lib/pics/favi.png (GET)
IP: 0.0.0.0:0
Requested by: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /bo_files/lib/pics/favi.png HTTP/1.1
Host: clientbackarea.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bfwroa.loclx.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| clientbackarea.site/bo_files/lib/pics/favi.ico | 0.0.0.0 | | 0 B |
URL: clientbackarea.site/bo_files/lib/pics/favi.ico (GET)
IP: 0.0.0.0:0
Requested by: https://bfwroa.loclx.io/bf/o/web/login.php?web/auth/SignOn
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /bo_files/lib/pics/favi.ico HTTP/1.1
Host: clientbackarea.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bfwroa.loclx.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|