| ocsp.r2m03.amazontrust.com/ | 3.164.222.26 | 200 OK | 471 B |
URL: POST HTTP/1.1 ocsp.r2m03.amazontrust.com/ IP: 3.164.222.26:0
Hashes (MD5 / SHA-1 / SHA-256): b0a38afa1a81eaf7109c25902b12c227 57c94b7613bb7dea82efa968f8d6adc28bd23a84 c23d9e9620acb098975298499b8029a4ce2614136ceb809c2c1d4da972e260b9
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Thu, 18 Apr 2024 04:54:18 GMT
Server: ECAcc (amb/6AC3)
X-Cache: Miss from cloudfront
Via: 1.1 5dbb5d54ce8d1d6f8480679ed6115d1c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: tMqbsf-ETTv5-cO-_8wHmodmZvzB-c2ZPIlkgnzEPhKJDxA_pgycbA==
|
|
| acir.postofficeweb.com/grupoacir/11118782-wxNYd4qizMtanQ | 54.203.28.237 | 200 OK | 39 kB |
URL (user request): GET HTTP/2 acir.postofficeweb.com/grupoacir/11118782-wxNYd4qizMtanQ IP: 54.203.28.237:443
Certificate: Issuer: Amazon; Subject: account-info.email; Fingerprint (SHA-1): 12:E5:44:9E:2A:52:BC:A3:70:1A:84:ED:6B:D0:1B:B2:2F:B5:C5:11; Validity: Tue, 16 Apr 2024 00:00:00 GMT - Thu, 15 May 2025 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (2294)
Hashes (MD5 / SHA-1 / SHA-256): 8099b16f1c3431ba5b928362cdc05e51 880a7606525a819ed6a67844385a0cd6b9f269f6 9e28709b89fc72200f3cd3ea71704f372240e84106fe257a4b0997ef9f7dd2fd
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft |
| OpenPhish | phishing | Office365 |
GET /grupoacir/11118782-wxNYd4qizMtanQ HTTP/1.1
Host: acir.postofficeweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:54:18 GMT
content-type: text/html; charset=utf-8
content-length: 39264
server: nginx
cache-control: no-store
pragma: no-cache
content-security-policy: default-src 'self'; img-src * data:; frame-src 'self' *.google.com ironscales.com *.ironscales.com *.eu.pendo.io *.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.ironscales.com *.eu.pendo.io *.pendo.io *.googletagmanager.com *.google-analytics.com *.googleapis.com *.google.com *.gstatic.com *.statuspage.io code.jquery.com cdn.jsdelivr.net appsforoffice.microsoft.com js.sentry-cdn.com d.bablic.com staticmediafiles.s3.amazonaws.com platform.instagram.com wwwimages.adobe.com ajax.aspnetcdn.com https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/select2.min.js; style-src * 'unsafe-inline'; font-src *; connect-src * webpack:; media-src *
vary: Cookie
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge,chrome=1
X-Firefox-Spdy: h2
|
|
| aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ty_bk5wxx82kilmq7o6qlw2.css | 152.199.23.37 | 200 OK | 20 kB |
URL: GET HTTP/2 aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ty_bk5wxx82kilmq7o6qlw2.css IP: 152.199.23.37:443
Requested by: https://acir.postofficeweb.com/grupoacir/11118782-wxNYd4qizMtanQ
Certificate: Issuer: DigiCert Inc; Subject: aadcdn.msftauth.net; Fingerprint (SHA-1): 3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B; Validity: Fri, 01 Dec 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (61177)
Hashes (MD5 / SHA-1 / SHA-256): b72fc12b9597c7cd8a8a5310ecee902f 301ad20ccef3b7247e716da874e43b193ab3cbf2 2d7a11ba79b08b7c687e4a80e11e5004e2ce2786fa96666104bfe3a4289f658b
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_ty_bk5wxx82kilmq7o6qlw2.css HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acir.postofficeweb.com
DNT: 1
Connection: keep-alive
Referer: https://acir.postofficeweb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 1890990
cache-control: public, max-age=31536000
content-md5: YEnCwK0i2XrZTJ0nVXrZrg==
content-type: text/css
date: Thu, 18 Apr 2024 04:54:19 GMT
etag: 0x8D8F61EFB02FBB4
last-modified: Fri, 02 Apr 2021 21:33:39 GMT
server: ECAcc (ska/F6F5)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: c61e6cc3-501e-006a-2819-801611000000
x-ms-version: 2009-09-19
content-length: 19633
X-Firefox-Spdy: h2
|
|
| aadcdn.msftauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg | 152.199.23.37 | 200 OK | 621 B |
URL: GET HTTP/2 aadcdn.msftauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg IP: 152.199.23.37:443
Requested by: https://acir.postofficeweb.com/grupoacir/11118782-wxNYd4qizMtanQ
Certificate: Issuer: DigiCert Inc; Subject: aadcdn.msftauth.net; Fingerprint (SHA-1): 3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B; Validity: Fri, 01 Dec 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hashes (MD5 / SHA-1 / SHA-256): 4e48046ce74f4b89d45037c90576bfac 4a41b3b51ed787f7b33294202da72220c7cd2c32 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
GET /shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acir.postofficeweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 2078137
cache-control: public, max-age=31536000
content-md5: R2FAVxfpONfnQAuxVxXbHg==
content-type: image/svg+xml
date: Thu, 18 Apr 2024 04:54:19 GMT
etag: 0x8D8852A740F01B9
last-modified: Tue, 10 Nov 2020 03:41:05 GMT
server: ECAcc (ska/F695)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 4c2f906d-401e-0037-6c65-7eaa39000000
x-ms-version: 2009-09-19
content-length: 621
X-Firefox-Spdy: h2
|
|
| aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg | 152.199.23.37 | 200 OK | 673 B |
URL: GET HTTP/2 aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg IP: 152.199.23.37:443
Requested by: https://acir.postofficeweb.com/grupoacir/11118782-wxNYd4qizMtanQ
Certificate: Issuer: DigiCert Inc; Subject: aadcdn.msftauth.net; Fingerprint (SHA-1): 3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B; Validity: Fri, 01 Dec 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hashes (MD5 / SHA-1 / SHA-256): bc3d32a696895f78c19df6c717586a5d 9191cb156a30a3ed79c44c0a16c95159e8ff689d 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acir.postofficeweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 2082068
cache-control: public, max-age=31536000
content-md5: DhdidjYrlCeaRJJRG/y9mA==
content-type: image/svg+xml
date: Thu, 18 Apr 2024 04:54:19 GMT
etag: 0x8D7B007297AE131
last-modified: Wed, 12 Feb 2020 22:01:50 GMT
server: ECAcc (ska/F732)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 52d23733-f01e-004c-3a5c-7e7d2e000000
x-ms-version: 2009-09-19
content-length: 673
X-Firefox-Spdy: h2
|
|
| staticmediafiles.s3.amazonaws.com/media/uploads/heber%40nektgroup.com/2022/09/12/microsoft-logo-700x394.png | 52.217.231.217 | 200 OK | 8.3 kB |
URL: GET HTTP/1.1 staticmediafiles.s3.amazonaws.com/media/uploads/heber%40nektgroup.com/2022/09/12/microsoft-logo-700x394.png IP: 52.217.231.217:443
Requested by: https://acir.postofficeweb.com/grupoacir/11118782-wxNYd4qizMtanQ
Certificate: Issuer: Amazon; Subject: *.s3.amazonaws.com; Fingerprint (SHA-1): DC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1; Validity: Tue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File type: PNG image data, 700 x 394, 8-bit colormap, non-interlaced
Hashes (MD5 / SHA-1 / SHA-256): d8a1d3c9a51474e08453f03b7301e276 5c3fe9cf2fb26bd19fae4ef5959212dfa35bd1b4 a01f87df58cf9204302528f196340b0ab0a401d79875f6dce5d45a84c780c3ab
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft |
GET /media/uploads/heber%40nektgroup.com/2022/09/12/microsoft-logo-700x394.png HTTP/1.1
Host: staticmediafiles.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acir.postofficeweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: Xvv4rEzbe/yBDjU0th0GMIm/GbeCeyxbSKAHvYB6NXAq8ztH9ibBkl7De+BL7L67kjsZ9mZWdLQ=
x-amz-request-id: HSNAKEJS6S6FJ674
Date: Thu, 18 Apr 2024 04:54:20 GMT
Last-Modified: Mon, 12 Sep 2022 20:14:55 GMT
ETag: "d8a1d3c9a51474e08453f03b7301e276"
x-amz-server-side-encryption: AES256
x-amz-version-id: puxsdgYU5BT7iVXSkj3wthLa8esgmDOq
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 8325
|
|
| staticmediafiles.s3.amazonaws.com/static/webapp/js/jquery-1.11.0.min.js | 52.217.231.217 | 200 OK | 96 kB |
URL: GET HTTP/1.1 staticmediafiles.s3.amazonaws.com/static/webapp/js/jquery-1.11.0.min.js IP: 52.217.231.217:443
Requested by: https://acir.postofficeweb.com/grupoacir/11118782-wxNYd4qizMtanQ
Certificate: Issuer: Amazon; Subject: *.s3.amazonaws.com; Fingerprint (SHA-1): DC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1; Validity: Tue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (32341)
Hashes (MD5 / SHA-1 / SHA-256): 8fc25e27d42774aeae6edbc0a18b72aa b66ed708717bf0b4a005a4d0113af8843ef3b8ff b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft |
GET /static/webapp/js/jquery-1.11.0.min.js HTTP/1.1
Host: staticmediafiles.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acir.postofficeweb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: f7YfAuK/pZ5y22x1OE2Yy8DgbqEHLi9G0iNAHpLFTxz9kuRMHfIRAVL/Lt8Ie1zTAIEbA212sJA=
x-amz-request-id: HSND9CG8KC1J7BN6
Date: Thu, 18 Apr 2024 04:54:20 GMT
Last-Modified: Mon, 04 Jul 2016 08:58:20 GMT
ETag: "8fc25e27d42774aeae6edbc0a18b72aa"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 96381
|
|
| acir.postofficeweb.com/favicon.ico | 54.203.28.237 | 404 Not Found | 146 B |
URL: GET HTTP/2 acir.postofficeweb.com/favicon.ico IP: 54.203.28.237:443
Requested by: https://acir.postofficeweb.com/grupoacir/11118782-wxNYd4qizMtanQ
Certificate: Issuer: Amazon; Subject: account-info.email; Fingerprint (SHA-1): 12:E5:44:9E:2A:52:BC:A3:70:1A:84:ED:6B:D0:1B:B2:2F:B5:C5:11; Validity: Tue, 16 Apr 2024 00:00:00 GMT - Thu, 15 May 2025 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hashes (MD5 / SHA-1 / SHA-256): 8eec510e57f5f732fd2cce73df7b73ef 3c0af39ecb3753c5fee3b53d063c7286019eac3b 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft |
GET /favicon.ico HTTP/1.1
Host: acir.postofficeweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acir.postofficeweb.com/grupoacir/11118782-wxNYd4qizMtanQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Thu, 18 Apr 2024 04:54:20 GMT
content-type: text/html
content-length: 146
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| acir.postofficeweb.com/tracking/create_click_event/11118782-wxNYd4qizMtanQ | 54.203.28.237 | 200 OK | 21 B |
URL: POST HTTP/2 acir.postofficeweb.com/tracking/create_click_event/11118782-wxNYd4qizMtanQ IP: 54.203.28.237:443
Requested by: https://acir.postofficeweb.com/grupoacir/11118782-wxNYd4qizMtanQ
Certificate: Issuer: Amazon; Subject: account-info.email; Fingerprint (SHA-1): 12:E5:44:9E:2A:52:BC:A3:70:1A:84:ED:6B:D0:1B:B2:2F:B5:C5:11; Validity: Tue, 16 Apr 2024 00:00:00 GMT - Thu, 15 May 2025 23:59:59 GMT
Hashes (MD5 / SHA-1 / SHA-256): 79be822f7304ffaaeb68aa8b0336848b acc79c84f5cdcf1277d8aa905e6290b70c65e862 8e348a2876686697c17bc2784470cbebe761146f0bbfc180a67a52793117882d
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft |
POST /tracking/create_click_event/11118782-wxNYd4qizMtanQ HTTP/1.1
Host: acir.postofficeweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
X-Requested-With: XMLHttpRequest
Content-Length: 47
Origin: https://acir.postofficeweb.com
DNT: 1
Connection: keep-alive
Referer: https://acir.postofficeweb.com/grupoacir/11118782-wxNYd4qizMtanQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:54:20 GMT
content-type: application/json
content-length: 21
server: nginx
cache-control: no-store
pragma: no-cache
content-security-policy: frame-src 'self' *.google.com ironscales.com *.ironscales.com *.eu.pendo.io *.pendo.io; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.ironscales.com *.eu.pendo.io *.pendo.io *.googletagmanager.com *.google-analytics.com *.googleapis.com *.google.com *.gstatic.com *.statuspage.io code.jquery.com cdn.jsdelivr.net appsforoffice.microsoft.com js.sentry-cdn.com d.bablic.com staticmediafiles.s3.amazonaws.com platform.instagram.com wwwimages.adobe.com ajax.aspnetcdn.com https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/select2.min.js; connect-src * webpack:; img-src * data:; font-src *; style-src * 'unsafe-inline'; media-src *
vary: Cookie
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge,chrome=1
X-Firefox-Spdy: h2
|
|
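Two things an analyst reading this report would want to check mechanically: the Microsoft sign-in assets (aadcdn.msftauth.net CSS and SVGs above) are fetched with Origin/Referer set to acir.postofficeweb.com, a domain Microsoft does not own, and the landing page's Content-Security-Policy (the header on the HTML response and on the tracking POST) permits `'unsafe-inline'` and `'unsafe-eval'` script plus wildcard `img-src`, `style-src` and `connect-src`. The Python below is an added example, not code from the urlquery report or from the captured site: it parses raw request/response blocks in the form dumped above and runs both checks over two transactions condensed from this report (constructed sample input). The brand-CDN host list, the owner-domain allowlist and the last-two-labels registrable-domain rule are assumptions of the example, not anything the report states.

```python
# Post-processor for HTTP transaction dumps like the report above. Added example,
# not code from the urlquery report or the captured site. Assumptions (ours): the
# brand-asset host list, the owner-domain allowlist, the naive eTLD+1 rule.
from typing import Dict, List

# Assumption: CDNs that serve a brand's own sign-in page assets; a page on an
# unrelated domain pulling these is a common phishing-kit signature.
BRAND_ASSET_HOSTS = {"aadcdn.msftauth.net": "microsoft"}
# Assumption: registrable domains allowed to embed those assets.
BRAND_OWNER_DOMAINS = {
    "microsoft": {"microsoft.com", "microsoftonline.com", "live.com", "msftauth.net"},
}


def parse_headers(block: str) -> Dict[str, str]:
    """'Name: value' lines -> dict keyed by lower-cased name (split at first colon)."""
    headers: Dict[str, str] = {}
    for line in block.strip().splitlines():
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def parse_transaction(request: str, response: str) -> dict:
    """Parse a raw request block and its raw response block, as dumped above."""
    req, resp = request.strip().splitlines(), response.strip().splitlines()
    method, path, _ = req[0].split(" ", 2)
    return {"method": method, "path": path, "status": int(resp[0].split(" ", 2)[1]),
            "req": parse_headers("\n".join(req[1:])),
            "resp": parse_headers("\n".join(resp[1:]))}


def registrable_domain(host: str) -> str:
    """Naive eTLD+1 (last two labels); assumption: no public-suffix list (wrong for co.uk)."""
    return ".".join(host.lower().split(".")[-2:])


def cross_site_brand_loads(txns: List[dict]) -> List[str]:
    """Flag brand sign-in assets fetched on behalf of a page the brand does not own."""
    findings = []
    for t in txns:
        brand = BRAND_ASSET_HOSTS.get(t["req"].get("host", ""))
        # Origin is sent on CORS fetches; Referer also covers no-cors image/script loads.
        source = t["req"].get("origin") or t["req"].get("referer")
        if not brand or not source:
            continue
        src = registrable_domain(source.split("://", 1)[-1].split("/", 1)[0])
        if src not in BRAND_OWNER_DOMAINS[brand]:
            findings.append(f"{brand} asset {t['req']['host']}{t['path']} embedded by {src}")
    return findings


def parse_csp(value: str) -> Dict[str, List[str]]:
    """Split a Content-Security-Policy value into {directive: [source tokens]}."""
    directives: Dict[str, List[str]] = {}
    for part in value.split(";"):
        tokens = part.split()
        if tokens:
            directives[tokens[0].lower()] = tokens[1:]
    return directives


def audit_csp(value: str) -> List[str]:
    """Policy weaknesses an injected or attacker-controlled script benefits from."""
    csp = parse_csp(value)
    issues = []
    # script-src falls back to default-src. Browsers ignore 'unsafe-inline' when a
    # nonce or hash source is also listed; this check does not model that.
    script = csp.get("script-src", csp.get("default-src", []))
    for bad in ("'unsafe-inline'", "'unsafe-eval'"):
        if bad in script:
            issues.append(f"script-src allows {bad}")
    for name, sources in csp.items():
        if name.endswith("-src") and "*" in sources:
            issues.append(f"{name} allows any origin (*)")
    if "base-uri" not in csp:  # document directive: no default-src fallback
        issues.append("base-uri not set")
    return issues


# Constructed sample input: two transactions condensed from the report above.
SAMPLE = [
    parse_transaction(
        "GET /ests/2.1/content/cdnbundles/converged.v2.login.min_ty_bk5wxx82kilmq7o6qlw2.css HTTP/1.1\n"
        "Host: aadcdn.msftauth.net\nOrigin: https://acir.postofficeweb.com\n"
        "Referer: https://acir.postofficeweb.com/\nSec-Fetch-Site: cross-site\n",
        "HTTP/2 200 OK\ncontent-type: text/css\n"),
    parse_transaction(
        "GET /grupoacir/11118782-wxNYd4qizMtanQ HTTP/1.1\nHost: acir.postofficeweb.com\n",
        "HTTP/2 200 OK\ncontent-type: text/html; charset=utf-8\n"
        "content-security-policy: default-src 'self'; img-src * data:; "
        "script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.ironscales.com; "
        "style-src * 'unsafe-inline'; connect-src * webpack:\n"),
]

if __name__ == "__main__":
    print(cross_site_brand_loads(SAMPLE))
    print(audit_csp(SAMPLE[1]["resp"]["content-security-policy"]))
```

On the sample it reports the aadcdn.msftauth.net stylesheet as embedded by postofficeweb.com, and for the policy: `script-src` with `'unsafe-inline'` and `'unsafe-eval'`, wildcard `img-src`, `style-src` and `connect-src` (a wildcard `connect-src` lets page script post whatever a user types to any host), and no `base-uri`. The `Sec-Fetch-Site: cross-site` request header in the captured requests carries the same cross-origin signal from the browser's side, but only browsers that implement Fetch Metadata send it, so Origin/Referer is the more portable field to key on.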
| members.ironscales.com/static/training/js/confirm_data_entry_on_typing.js | 54.186.229.89 | 200 OK | 848 B |
URL: GET HTTP/2 members.ironscales.com/static/training/js/confirm_data_entry_on_typing.js IP: 54.186.229.89:443
Requested by: https://acir.postofficeweb.com/grupoacir/11118782-wxNYd4qizMtanQ
Certificate: Issuer: Amazon; Subject: ironscales.com; Fingerprint (SHA-1): 41:1B:AB:B6:13:F1:42:45:8D:B3:82:38:9F:75:A2:B0:0A:D7:B9:78; Validity: Sun, 17 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File type: ASCII text, with very long lines (927), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): c20f3f80b705c17650e50700066c6a0b e919dd805cfcb5fed055dd85b997416a3f9a0068 5e2978f8de6577103d5b59597a45a9542318b889db87dbe2709e3c446ee9e346
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft |
GET /static/training/js/confirm_data_entry_on_typing.js HTTP/1.1
Host: members.ironscales.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acir.postofficeweb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:54:20 GMT
content-type: application/javascript
server: nginx
last-modified: Tue, 09 Apr 2024 12:35:00 GMT
vary: Accept-Encoding
etag: W/"661535f4-350"
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge,chrome=1
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| members.ironscales.com/static/training/js/create_click_event.js | 54.186.229.89 | 200 OK | 376 B |
URL: GET HTTP/2 members.ironscales.com/static/training/js/create_click_event.js IP: 54.186.229.89:443
Requested by: https://acir.postofficeweb.com/grupoacir/11118782-wxNYd4qizMtanQ
Certificate: Issuer: Amazon; Subject: ironscales.com; Fingerprint (SHA-1): 41:1B:AB:B6:13:F1:42:45:8D:B3:82:38:9F:75:A2:B0:0A:D7:B9:78; Validity: Sun, 17 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (436), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 66620f62c189cc24f3abf63694516370 d43b1ed45ad363bb283bce7f267e03f54f89dab0 290965b906a4ecf899e668f23bd971f148094062af40ca88578b8e8102d4f2e5
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft |
GET /static/training/js/create_click_event.js HTTP/1.1
Host: members.ironscales.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acir.postofficeweb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:54:20 GMT
content-type: application/javascript
server: nginx
last-modified: Tue, 09 Apr 2024 12:35:00 GMT
vary: Accept-Encoding
etag: W/"661535f4-178"
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge,chrome=1
content-encoding: gzip
X-Firefox-Spdy: h2
|
|