3.6 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (325), with CRLF, LF line terminators
Hash 257a454249d83551c42b866074d8d7b8
a7ce5c92be04bd9da0ae4f7efbea8b3419a2327f
fd403f1caaca9a47c1b9842a876df604400b4f106c53f1b23cd40343c277cf84
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET / HTTP/1.1
Host: mail.bbtb.c505.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 01:40:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIs9xDtwAKViv7iGV7HWdiK8SBPj%2BQpdNfJ63wx6%2FKjMIHC%2Fey5x2Dzbklikdb2kaBKd2K5NHVffrrSdiRhplXr8Xx4t28ZUqAkyJk1fcRm0n54SH2IKPuYwIOarNwXzk5cQBVs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8310d1c66f0356c3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mail.bbtb.c505.net/bagas/css/style.css
200 OK 790 B URL GET HTTP/1.1 mail.bbtb.c505.net/bagas/css/style.css
IP
Requested by http://mail.bbtb.c505.net/
Hash cb0406facabf211736e6c205c2f12016
7f1791f0433c297056a1b5013015d77162a843e8
63522559221cb1217733189ab984dfaa362299c4d4c81eedc494a0306b65f6f0
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /bagas/css/style.css HTTP/1.1
Host: mail.bbtb.c505.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.bbtb.c505.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 01:40:12 GMT
Content-Type: text/css
Content-Length: 790
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 13 Dec 2023 00:22:00 GMT
last-modified: Mon, 17 Apr 2023 17:32:27 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 4692
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RF4i3M6FvYHPPhnrsHVqa%2BNPsOQIZpY1Hg4uRb%2Flrrc8INEoYbP9H9aLXoZ5KCyxm624tw6FvIDNqyCIDz5Z1OKeri%2BmFIU%2FggIBlp2sVwMPJNA3oMXNPMdYtuVBuyMPuoa8vu8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8310d1c8bfaa56c3-OSL
alt-svc: h2=":443"; ma=60
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css
200 OK 4.4 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css
IP
Requested by http://mail.bbtb.c505.net/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (23577)
Hash 04425bbdc6243fc6e54bf8984fe50330
8c15c6bd82c71e9ef1bb11cf24e502fe07518ac5
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
GET /ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.bbtb.c505.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 01:40:12 GMT
content-type: text/css; charset=utf-8
content-length: 4364
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-5cbb"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1115566
expires: Mon, 25 Nov 2024 01:40:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BxT0lwWaO9z7Ml2tettUbZNm80el18ZGgl2SKkrSOQYky0NLEoIxAKhtz4eTGvGB0ITQGtXVWxzvx2QZyt3h5y%2F%2BMiNMcJL8ci579mUUmzQ2dDpNaDvLX3d%2FAHq%2Fuu3Jam8%2BIyP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8310d1c8e9d256aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
filebagasarya.com/img/info/navbar.png
200 OK 8.5 kB URL GET HTTP/2 filebagasarya.com/img/info/navbar.png
IP
Requested by http://mail.bbtb.c505.net/
Certificate IssuerGoogle Trust Services LLC
Subjectfilebagasarya.com
FingerprintF0:8B:F1:70:76:A3:14:5A:6C:27:24:64:49:E8:8F:71:89:4C:AF:BF
ValidityTue, 31 Oct 2023 12:31:08 GMT - Mon, 29 Jan 2024 12:31:07 GMT
File type PNG image data, 904 x 339, 8-bit colormap, non-interlaced\012- data
Hash f29c416a7c6f18ba0c0deb4980763c9d
56c7bfbf2c9a7a2be2e2214b0586c11af8e852bf
7f37cb926c06378327ad2a753c7119291b2ead796a6f588a8374de651ec72a8c
GET /img/info/navbar.png HTTP/1.1
Host: filebagasarya.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.bbtb.c505.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 01:40:12 GMT
content-type: image/png
content-length: 8459
cache-control: public, max-age=604800
expires: Fri, 08 Dec 2023 01:57:44 GMT
last-modified: Mon, 06 Mar 2023 02:41:35 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 430948
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2BILUjua26zqpJQ3rcijrZhUkQa%2FCGkN4%2BtjjbBonifcFDsUvSJsT9zvaaUlu7yt9rej3ZY7jT6EXSzzN4kK%2BD98Sw0%2BDSx3wcKn7XV2ZlM4uYLEZhUbtWJkF7ENPnFlVZCsbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8310d1c91b0056c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
filebagasarya.com/img/info/modelFb.png
200 OK 32 kB URL GET HTTP/2 filebagasarya.com/img/info/modelFb.png
IP
Requested by http://mail.bbtb.c505.net/
Certificate IssuerGoogle Trust Services LLC
Subjectfilebagasarya.com
FingerprintF0:8B:F1:70:76:A3:14:5A:6C:27:24:64:49:E8:8F:71:89:4C:AF:BF
ValidityTue, 31 Oct 2023 12:31:08 GMT - Mon, 29 Jan 2024 12:31:07 GMT
File type PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Hash 571fc0253c6f01c953d4274981fc9d66
5331c3ae96ea4d421f8bde0d3e5565024c8c3abb
d3a1d3bb7a7c79edc9a08de2369f4f7f201a0852bfaf5526716382fc7ad902a1
GET /img/info/modelFb.png HTTP/1.1
Host: filebagasarya.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.bbtb.c505.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 01:40:12 GMT
content-type: image/png
content-length: 31990
cache-control: public, max-age=604800
expires: Fri, 08 Dec 2023 01:57:44 GMT
last-modified: Mon, 06 Mar 2023 02:41:27 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 430948
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pA9XmW%2B1WuURyBZjUK%2BGMBOUv3tI6mGNPm7JbCO2Y5hAs0zXFijx7AHUhm%2F5cD4KSG5%2FdjrjzmFLSvfx0eQqiKO33BS6VopswrtLFEaUSbKyyLVU2Y%2F3mVAF8CC6dWx8c6LGZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8310d1c91b0156c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
mail.bbtb.c505.net/bagas/css/asdhwalex.css
200 OK 974 B URL GET HTTP/1.1 mail.bbtb.c505.net/bagas/css/asdhwalex.css
IP
Requested by http://mail.bbtb.c505.net/
File type ASCII text, with CRLF line terminators
Hash 3cd849c1ee66bd52919d7563adf98da1
ea62846a1a083db346e5fb1ee40d46ab6ef4a26a
7893d2fb081ec23c9fae1f774745dab58213e6892b09087c37689700d56df6a4
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /bagas/css/asdhwalex.css HTTP/1.1
Host: mail.bbtb.c505.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.bbtb.c505.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 01:40:12 GMT
Content-Type: text/css
Content-Length: 974
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 13 Dec 2023 01:40:12 GMT
last-modified: Sun, 30 Apr 2023 21:07:22 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOhziYDJOnnG9Ny10XoEM2OifRLRXbbuHwaw87TZZ0QgimWhjcvyxbdTD4Kr5uYmLSVGg65GqAol2fLqe5cbZP6FylaYLD%2BpRPslKYlMqtFckdGhSy2kBYvWefv6vpeH42eA%2B%2Fk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8310d1c8b9c256aa-OSL
alt-svc: h2=":443"; ma=60
mail.bbtb.c505.net/bagas/css/bagas.css
200 OK 1.1 kB URL GET HTTP/1.1 mail.bbtb.c505.net/bagas/css/bagas.css
IP
Requested by http://mail.bbtb.c505.net/
File type ASCII text, with CRLF line terminators
Hash ae8f5eac80c514b6ccffce75de1d2d70
eff4b0347b7c8ea58833f35c07e177f80fd28ad2
a9510c5b947eedfa3d84fef078a623ebb72cd26a8acf9855a15521dffc430d62
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /bagas/css/bagas.css HTTP/1.1
Host: mail.bbtb.c505.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.bbtb.c505.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 01:40:12 GMT
Content-Type: text/css
Content-Length: 1057
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 13 Dec 2023 01:40:12 GMT
last-modified: Thu, 13 Oct 2022 08:52:10 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FLAcb%2FOQJKFjj1TtbUOVWKwnnhr%2BjxjkS1vvgejNxi3QDvCkLD%2F9ZfSlpQZfluVHwi1seqlKe%2BBPsSpZAz9lvjAIzN9Pun1UAydup9F2N95O5%2FtA3jNEqDcey48LemduJFN0mI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8310d1c8b8dbb523-OSL
alt-svc: h2=":443"; ma=60
mail.bbtb.c505.net/bagas/js/bagas.js
200 OK 31 kB URL GET HTTP/1.1 mail.bbtb.c505.net/bagas/js/bagas.js
IP
Requested by http://mail.bbtb.c505.net/
File type ASCII text, with very long lines (65447)
Hash 7c14a783dfeb3d238ccd3edd840d82ee
ad886e472b3557f3dc7dfa2bc43468ab8d1cef5b
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /bagas/js/bagas.js HTTP/1.1
Host: mail.bbtb.c505.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.bbtb.c505.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 01:40:12 GMT
Content-Type: text/javascript
Content-Length: 30960
Connection: keep-alive
last-modified: Thu, 20 Apr 2023 09:35:14 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vyABbbl9Z%2BuGc0w5ltUh0IiC22c4z8MEIBNZlIvqbAA%2Fyrcbm5sp2x%2Brw2z6cD74ekDcQHAEEN%2FkKRJca3XX6U0E6GJO414%2F9ZlJqzZPimlbvW68S2GfvR%2BDLa%2Fn1GOQCYX16s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8310d1c8dbd31bfa-OSL
alt-svc: h2=":443"; ma=60
file.gifan.id/fontawesome.js
200 OK 0 B URL GET HTTP/2 file.gifan.id/fontawesome.js
IP
Requested by http://mail.bbtb.c505.net/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fontawesome.js HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.bbtb.c505.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Wed, 06 Dec 2023 01:40:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 06 Dec 2023 02:40:12 GMT
Location: https://file.gifan.id/fontawesome.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEf2M29gy0zHCvTn7aj7TnpDjk3y846svAlPeFQwaHPxwuyEu%2B77lJS5XSUTqZtHfzelXrvTQC86eIYzlSlDV8B%2BgQVPLylCLt0QMxgRpd2IlEL0WuocADtjRjXXHlUz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8310d1c94fc5d93b-HEL
alt-svc: h2=":443"; ma=60
mail.bbtb.c505.net/bagas/img/5.jpg
200 OK 169 kB URL GET HTTP/1.1 mail.bbtb.c505.net/bagas/img/5.jpg
IP
Requested by http://mail.bbtb.c505.net/
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=1086, orientation=upper-left, width=1080], baseline, precision 8, 1080x1086, components 3\012- data
Size 169 kB (168607 bytes)
Hash bff9f29f72cfd4e77609b8aed20a5cf7
1364883fd51628affa206ecbaa3ca936762add6d
a1feace6f3795fb7be0104efad2862cc1dfc174eef297fc0c218fd15dc40bbe0
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /bagas/img/5.jpg HTTP/1.1
Host: mail.bbtb.c505.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.bbtb.c505.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 01:40:12 GMT
Content-Type: image/jpeg
Content-Length: 168607
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 13 Dec 2023 01:40:12 GMT
last-modified: Mon, 02 Oct 2023 21:34:00 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTglCli27apsVEMn0nB9dgmUBJyLuJtdilY78eBJVooIj2DqwTuT%2FJQyDL37kCgeXfhfGVddAA1lOY6Ymls%2FMdmEQdo2HDYQLhdRmCgR4kIEkYDbWGnmyhgOUGrTK4xe%2BYHl3Kw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8310d1c9291cb523-OSL
alt-svc: h2=":443"; ma=60
mail.bbtb.c505.net/bagas/img/6.jpg
200 OK 222 kB URL GET HTTP/1.1 mail.bbtb.c505.net/bagas/img/6.jpg
IP
Requested by http://mail.bbtb.c505.net/
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=1096, orientation=upper-left, width=1080], baseline, precision 8, 1080x1096, components 3\012- data
Size 222 kB (221604 bytes)
Hash befdc9ff4159ab86d0ba8a61fe1ddd17
9ec9c6e54c422480e1ee42b29a053fee8abf379a
4d2b73a81cdc828f2734f5d9bd143de5ac176f7d99cc78b0fc41cb76d1efa63f
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /bagas/img/6.jpg HTTP/1.1
Host: mail.bbtb.c505.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.bbtb.c505.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 01:40:12 GMT
Content-Type: image/jpeg
Content-Length: 221604
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 13 Dec 2023 01:40:12 GMT
last-modified: Mon, 02 Oct 2023 21:34:00 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKQ5%2B1oDF%2FrsPaFTf8MoAdqYmlR6FwGyXQaCecIjqWEbbtM00RgCzF%2F3rKzAD1qDn4bZtIYiDPX7ASDAenCFv3mHLJeF6S8bXDkxf6cGB%2BhowosHh8xWnUZG2AsIXSWasidthOE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8310d1c92fc456c3-OSL
alt-svc: h2=":443"; ma=60
mail.bbtb.c505.net/bagas/img/2.jpg
200 OK 367 kB URL GET HTTP/1.1 mail.bbtb.c505.net/bagas/img/2.jpg
IP
Requested by http://mail.bbtb.c505.net/
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=1091, orientation=upper-left, width=1080], baseline, precision 8, 1080x1091, components 3\012- data
Size 367 kB (366884 bytes)
Hash 0a1f2f19c9662bdd1802981c4ad2019a
04d82614687b477eeb7c250dcd09dcc5cec63767
ebed843cee2927222f8c761c5ef33f1cc76aef1654bf4644c4bd41d84903b4a5
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /bagas/img/2.jpg HTTP/1.1
Host: mail.bbtb.c505.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.bbtb.c505.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 01:40:12 GMT
Content-Type: image/jpeg
Content-Length: 366884
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 13 Dec 2023 01:40:12 GMT
last-modified: Mon, 02 Oct 2023 21:32:00 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Vcq8zQUf1FAO%2FR80l%2FqnfE0jX2wzweYSmds30azsJ%2FMY2A3umuHtASkEu%2BXBqeaolJoU9WQQdhEtHYrlB6FRSZzsRrM1%2FSovKYwda2EkqTQErJN1HNGXw6RddP7o7x9mpVHeW4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8310d1c929e356aa-OSL
alt-svc: h2=":443"; ma=60
mail.bbtb.c505.net/bagas/img/3.jpg
200 OK 260 kB URL GET HTTP/1.1 mail.bbtb.c505.net/bagas/img/3.jpg
IP
Requested by http://mail.bbtb.c505.net/
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=1095, orientation=upper-left, width=1080], baseline, precision 8, 1080x1095, components 3\012- data
Size 260 kB (259544 bytes)
Hash bfcbb109e43906bb3ec138a02b82df48
57a218cda73760a59b6cc4fa80a25a780a1470d1
363a8152f79e04f9856c4c6a7cd5312407a2d93ef47f7b3e0ae5ff1af030f8b7
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /bagas/img/3.jpg HTTP/1.1
Host: mail.bbtb.c505.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.bbtb.c505.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 01:40:12 GMT
Content-Type: image/jpeg
Content-Length: 259544
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 13 Dec 2023 01:40:12 GMT
last-modified: Mon, 02 Oct 2023 21:33:00 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dW7KB%2FgXFLo2y%2FWItwKWeS15JV4cJksYXlPOLiotbrC7aTCYQsOolbGClQNDsmrzCpKc5YkuErwAVnpeZEm34DIg%2FnDmvndRN2lfxfZBxYTgo2IbaJyaoPmlCZ6Ktq360M801os%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8310d1c92cf85691-OSL
alt-svc: h2=":443"; ma=60
mail.bbtb.c505.net/bagas/img/4.jpg
200 OK 258 kB URL GET HTTP/1.1 mail.bbtb.c505.net/bagas/img/4.jpg
IP
Requested by http://mail.bbtb.c505.net/
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=1089, orientation=upper-left, width=1080], baseline, precision 8, 1080x1089, components 3\012- data
Size 258 kB (257795 bytes)
Hash 63691a57ee2f51b885bce86a6ecd6a66
413cd56d0a80f92f5e7a0aa75217c91354d9e4bc
8f181c2d1f248d867a66702f2638fcd6a4de1ff4996d3a970686b1e23529f6ae
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /bagas/img/4.jpg HTTP/1.1
Host: mail.bbtb.c505.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.bbtb.c505.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 01:40:12 GMT
Content-Type: image/jpeg
Content-Length: 257795
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 13 Dec 2023 01:40:12 GMT
last-modified: Mon, 02 Oct 2023 21:33:00 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49gCm%2F%2BMSCZZkcEmz9Wvrf9vbTbYzr%2BAmy%2BC65%2BA8ir73zJqODI%2BBd%2B5rRv7LbOoX7CGejwqvSQBRH7U%2BDs3TC0sznQwqoCqkwcTmLXeEvcIB16f5ypwscRNa7ffD8d0Xk6GS7E%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8310d1c92bd5b500-OSL
alt-svc: h2=":443"; ma=60
mail.bbtb.c505.net/bagas/img/1.jpg
200 OK 465 kB URL GET HTTP/1.1 mail.bbtb.c505.net/bagas/img/1.jpg
IP
Requested by http://mail.bbtb.c505.net/
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=1091, orientation=upper-left, width=1080], baseline, precision 8, 1080x1091, components 3\012- data
Size 465 kB (465123 bytes)
Hash 6de7d1ef202f2313021a8dc814aad18d
979af4f0eac4ae064f62e10689b322746ba6dff1
3379a69947bef0e1470d5c79f591e4ebed63949b2a9c05824326c5d7d966d6dd
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /bagas/img/1.jpg HTTP/1.1
Host: mail.bbtb.c505.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.bbtb.c505.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 01:40:12 GMT
Content-Type: image/jpeg
Content-Length: 465123
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 13 Dec 2023 01:40:12 GMT
last-modified: Mon, 02 Oct 2023 21:31:00 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXoIG9byJbu3poDVhGWklAZVKdeny90vS6PlK87xvWq3fSC5iiidFLJcmjm4EgYmR542AlI17oXfpib7M8arQ36R9MnWA1dsWrjuC0y3NuhxKrXbSf3YXyiLleDqx13kqC%2FM9hU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8310d1c96bf41bfa-OSL
alt-svc: h2=":443"; ma=60
mail.bbtb.c505.net/bagas/img/7.jpg
200 OK 330 kB URL GET HTTP/1.1 mail.bbtb.c505.net/bagas/img/7.jpg
IP
Requested by http://mail.bbtb.c505.net/
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=1091, orientation=upper-left, width=1080], baseline, precision 8, 1080x1091, components 3\012- data
Size 330 kB (330125 bytes)
Hash 61702d8c41806c8ab47ac74578415e05
02bae73ba1a777fadac466ff87275ccb99b7539e
c1db2b1b65dc76468fe7d51d76603b345794f2006d4691bbddf00376f731f380
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /bagas/img/7.jpg HTTP/1.1
Host: mail.bbtb.c505.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.bbtb.c505.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 01:40:12 GMT
Content-Type: image/jpeg
Content-Length: 330125
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 13 Dec 2023 01:40:12 GMT
last-modified: Mon, 02 Oct 2023 21:34:00 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7ZDecBKhkEMkD7qKqUBuHd47Nh%2FWweQQ1jyVOOhuRKqzSDSyNd8ftR%2B7BpoUhNWWMEUAbqMOavyqM6P8a8WGpWF0AGSv8dvHu50LkcqqcjmzZBCCRLyqAapvJ%2BIl6jCWS49b4w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8310d1ca195fb523-OSL
alt-svc: h2=":443"; ma=60
ka-f.fontawesome.com/releases/v6.0.0/css/free-v5-font-face.min.css?token=869e25b803
200 OK 1.0 kB URL GET HTTP/2 ka-f.fontawesome.com/releases/v6.0.0/css/free-v5-font-face.min.css?token=869e25b803
IP
Requested by http://mail.bbtb.c505.net/
Certificate IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81
ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT
File type ASCII text, with very long lines (608)
Hash e8ee688b3310772b65f39c69b76f4720
d57c6b7957aabb07762d473ea0b4bd3462f1175e
0e751f751587617116614deaf11f087ea82f7644196c1d0571f71fd549b556b5
GET /releases/v6.0.0/css/free-v5-font-face.min.css?token=869e25b803 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mail.bbtb.c505.net/
Origin: http://mail.bbtb.c505.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 01:40:12 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
etag: W/"e8ee688b3310772b65f39c69b76f4720"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 1fbc4ed92487877d10ad1d7d3fa8355e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR5-P6
x-amz-cf-id: BKbEbC0oOr-3jKNI9qLTMkerl-pc4e3e1ke3L-0w_yxMLrnVMuzsmQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGM3cqgZe2pyCf12uvDhCElMlDNqVbf3cw2j%2BPNXHKj2a4LqWWaYtufjUtczq2z2uoj00h43tOnm%2B%2FMXfp11ucwflsXKKHSGATq9YmgpMJHmbaQVY2soyIULXz%2BP0gONEJbieCK6gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8310d1ccfe316548-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-shims.min.css?token=869e25b803
200 OK 131 kB URL GET HTTP/2 ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-shims.min.css?token=869e25b803
IP
Requested by http://mail.bbtb.c505.net/
Certificate IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81
ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT
File type ASCII text, with very long lines (26019)
Size 131 kB (131043 bytes)
Hash c32e971c7d11c2407f847b61c515f1e2
85ac47a05e49f01cd62301ee121a2ca0dfdc0f83
a7fb3a26d569bec0139baaae950e43c1e10b0afbcf6e9d7654aa1181a8319759
GET /releases/v6.0.0/css/free-v4-shims.min.css?token=869e25b803 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mail.bbtb.c505.net/
Origin: http://mail.bbtb.c505.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 01:40:12 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
etag: W/"c32e971c7d11c2407f847b61c515f1e2"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6c2060b8177554cc176ab1e04cbbfe1e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR5-P6
x-amz-cf-id: Qq5hOx0CDlK2BzFAAxiE5C9pIeicLcMKuc10ofLX1IRdoslaMtkXmg==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxTTEwufYpaURcyDeu%2BJ5L%2Fplu2QmgaiRKhrjnZbV%2BP2OHVCBX8Hm53kg6Rn2XEJa9%2BbX5Z04JUgaDVezRfjuVOhf5DMjjkSfXxMbRfGBqPNXvFrAyN5uZFwpBzolR2hJgnMkD6J6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8310d1ccfe2e6548-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.0.0/webfonts/free-fa-solid-900.woff2
200 OK 127 kB URL GET HTTP/2 ka-f.fontawesome.com/releases/v6.0.0/webfonts/free-fa-solid-900.woff2
IP
Requested by http://mail.bbtb.c505.net/
Certificate IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81
ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT
File type Web Open Font Format (Version 2), TrueType, length 126828, version 768.256\012- data
Size 127 kB (126828 bytes)
Hash d60a1707d7a69023a566fee0f0804a79
00a6fae0a2d0d5ab1125bb3f7aec55ee8165607e
28e42bc5102996223a42faf19a8abd7436644f3bc6d25a9f5de6add426ba138e
GET /releases/v6.0.0/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mail.bbtb.c505.net
DNT: 1
Connection: keep-alive
Referer: http://mail.bbtb.c505.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 01:40:13 GMT
content-type: font/woff2
content-length: 126828
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 07 Feb 2022 20:20:18 GMT
etag: "d60a1707d7a69023a566fee0f0804a79"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 712d35d530e2ec4d6f746c10a7035922.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR5-P6
x-amz-cf-id: th00bUh95EAnNF05znaRopaWyaln94x-_ksNw3aNkPCEWwzESkhawA==
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJy8BZpMBXaQEZ1zPDrWKgDvcsNuwqTA%2FEL5Qe%2F3GthhT9%2B8YHGdLJ8koh3GSxEm8EGNmOryAsBznB14dVg0C9JdqSBtVq1Nd9rfnvUqBIJ7sTEob2xkKnDf7OUb4k1GbDNKkXndaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8310d1ce6f2e6548-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
mail.bbtb.c505.net/favicon.ico
404 Not Found 1.2 kB URL GET HTTP/1.1 mail.bbtb.c505.net/favicon.ico
IP
Requested by http://mail.bbtb.c505.net/
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1276), with no line terminators
Hash 24b426fea67958554911ff4c943fdfe4
b92889146d4c1bbddccabe58ca15c814ea066f72
335fd88e127ff1b19e6c5af3c801186182f064e4c6747b9a76a0b3988553716c
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /favicon.ico HTTP/1.1
Host: mail.bbtb.c505.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.bbtb.c505.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Wed, 06 Dec 2023 01:40:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unhlvMpRG4fLqlxhqKB7J1WT08qexqYw7MGPgb9kzyc6bZ6DeVTKxOgFAtqUIFAK730InUnMyBTN3ktF5ojPdnZXo6gN8jeOKXXP6dy1qqrHYOWfojrMOS9fRDIfpsMgtKvGRA0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8310d1ce2c921bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ka-f.fontawesome.com/releases/v6.0.0/css/free.min.css?token=869e25b803
200 OK 90 kB URL GET HTTP/2 ka-f.fontawesome.com/releases/v6.0.0/css/free.min.css?token=869e25b803
IP
Requested by http://mail.bbtb.c505.net/
Certificate IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81
ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT
File type ASCII text, with very long lines (65321)
Hash 345f5ecc270c94968998574a2d37e31a
4b1937ca073a8376a07161bc40549585493ffa3d
efad9b46d0c00f2562eb53236717ff21ebd474f8d68f69b45f92c424bfd87e9c
GET /releases/v6.0.0/css/free.min.css?token=869e25b803 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mail.bbtb.c505.net/
Origin: http://mail.bbtb.c505.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 01:40:12 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
etag: W/"345f5ecc270c94968998574a2d37e31a"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0f5bbd5df79d112fd797e0d8399395b2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR5-P6
x-amz-cf-id: 79_WnJRQfKSgKsZRU2g7_Hyk_Vi5CC-_k6gSEV7wCNRnBVLJKgq8ow==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbTwxEvw%2BZMZhuJvLu%2BzV6kTxl7KTIo2Ri4kiv%2FeSC8ZKJb9j1QvFQh%2FRXsJ2gx5nao5KEZcny4o1e%2FXdNx5%2Bym1TKgnBichsLztUpVP9Df9SYW90HxSOMwS6tLRC9hdQvC3FcOkFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8310d1ccfe346548-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-font-face.min.css?token=869e25b803
200 OK 1.8 kB URL GET HTTP/2 ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-font-face.min.css?token=869e25b803
IP
Requested by http://mail.bbtb.c505.net/
Certificate IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81
ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT
File type ASCII text, with very long lines (1817), with no line terminators
Hash 3dedc00973400e03c5ede855beb3e8b5
c72d245eb6fa18840821a7d53634a4f8ac5119d0
a45344d4b89aadfcddc80ff5e6de83bcbb2799a2af99a046e1cea1dd6fe0f28c
GET /releases/v6.0.0/css/free-v4-font-face.min.css?token=869e25b803 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mail.bbtb.c505.net/
Origin: http://mail.bbtb.c505.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 01:40:12 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
etag: W/"369cbeaee8e26da69cc5b0a0700cd62c"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 851879d53a84651e63e2408132976dfe.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR5-P6
x-amz-cf-id: YLqQ8GHhRNXDB07wHXnopf9mXH7g_zxM7x__uOwbLcgGFY3Z9mLjaQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2UHEbQJBMptAX29PZ1PL3VmZX4FATSBpHOsvu7GWrpd6%2B%2FrNrtB%2FxfW9DUpdyDWDnRhcfWw8FV9lB97EypTOvzRDZgJlVSn%2BoC96Tfl9%2BkjycBJ8gSjFcd0fNyn0zg5BFHf8%2BkHEKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8310d1ccfe306548-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
188.114.96.1
104.17.25.14
172.67.195.69