| exchange.add-solution.de/owa_ocbcadejsm_login/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form |  62.176.232.218 | 302 Found | 204 B |
URL User Request GET HTTP/1.1exchange.add-solution.de/owa_ocbcadejsm_login/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form IP62.176.232.218:443
CertificateIssuerSectigo Limited Subject*.add-solution.de Fingerprint91:18:C5:42:AD:81:E6:A9:CA:D9:A5:3C:E6:30:45:34:2A:EB:38:77 ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT
File typeHTML document, ASCII text Hash16e4a9364f62914257b51a06f5062a6d 746442c7baa7a38a66d3bd3549051033686c6ec0 29f00febceeee2a400583f07f582613899231fce2a76580e3932b313b782b5bf
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Office365 |
GET /owa_ocbcadejsm_login/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form/owa_ocbcadejsm_form HTTP/1.1
Host: exchange.add-solution.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Sat, 04 May 2024 17:34:26 GMT
Server: Apache
Set-Cookie: ocbcadejsm_cookie=;Max-Age=0;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/;httponly;secure
Location: /owa_ocbcadejsm_form
Cache-Control: no-cache
Content-Length: 204
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| exchange.add-solution.de/owa_ocbcadejsm_form | 62.176.232.218 | 200 OK | 1.1 kB |
URL User Request GET HTTP/1.1exchange.add-solution.de/owa_ocbcadejsm_form IP62.176.232.218:443
CertificateIssuerSectigo Limited Subject*.add-solution.de Fingerprint91:18:C5:42:AD:81:E6:A9:CA:D9:A5:3C:E6:30:45:34:2A:EB:38:77 ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT
File typeHTML document, ASCII text Hash0cd7da222e1578aed78df06b2e99e389 f2909661409cb803bb1913bd30aea9da62f7c336 98c42ff6a7488b82dd68b8b6b4d8f9aacaa968f572649b01c9213d409b40f5b3
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Office365 |
GET /owa_ocbcadejsm_form HTTP/1.1
Host: exchange.add-solution.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 17:34:26 GMT
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1089
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/html
|
|
| exchange.add-solution.de/REF_RevAutExchangOtp/styles_responsive.css | 62.176.232.218 | 200 OK | 14 kB |
URL GET HTTP/1.1exchange.add-solution.de/REF_RevAutExchangOtp/styles_responsive.css IP62.176.232.218:443
Requested byhttps://exchange.add-solution.de/owa_ocbcadejsm_form CertificateIssuerSectigo Limited Subject*.add-solution.de Fingerprint91:18:C5:42:AD:81:E6:A9:CA:D9:A5:3C:E6:30:45:34:2A:EB:38:77 ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT
Hash3f7a018a03d464fb58079d0a0e4df675 6d4f2019c24da11405545ac29ce73ddf112665c8 7c9b1fdee5abb849c8ed9a2218673feb4ba476c0a0091c8353ce4594b3da9691
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Office365 |
GET /REF_RevAutExchangOtp/styles_responsive.css HTTP/1.1
Host: exchange.add-solution.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exchange.add-solution.de/owa_ocbcadejsm_form
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 17:34:26 GMT
Server: Apache
Last-Modified: Thu, 02 May 2024 22:00:35 GMT
ETag: "13637-6177fbb8b54a9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13846
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: text/css;charset=utf-8
|
|
| exchange.add-solution.de/REF_RevAutExchangOtp/logo.png | 62.176.232.218 | 200 OK | 10 kB |
URL GET HTTP/1.1exchange.add-solution.de/REF_RevAutExchangOtp/logo.png IP62.176.232.218:443
Requested byhttps://exchange.add-solution.de/owa_ocbcadejsm_form CertificateIssuerSectigo Limited Subject*.add-solution.de Fingerprint91:18:C5:42:AD:81:E6:A9:CA:D9:A5:3C:E6:30:45:34:2A:EB:38:77 ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT
File typePNG image data, 300 x 76, 8-bit/color RGBA, non-interlaced Hashce55721fad11957071605d7b164ee91b 9faec3a2988c2378525ff71510aae987b666d9dc 959e58279a99e4cc1e75675f8decd42248da989fc9c2b49e20551e12be04186f
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Office365 |
GET /REF_RevAutExchangOtp/logo.png HTTP/1.1
Host: exchange.add-solution.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exchange.add-solution.de/owa_ocbcadejsm_form
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 17:34:26 GMT
Server: Apache
Last-Modified: Thu, 02 May 2024 22:00:35 GMT
ETag: "26d5-6177fbb8ceae9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9964
Keep-Alive: timeout=15, max=97
Connection: Keep-Alive
Content-Type: image/png
|
|
| exchange.add-solution.de/REF_RevAutExchangOtp/Sign_in_arrow.png | 62.176.232.218 | 200 OK | 1.2 kB |
URL GET HTTP/1.1exchange.add-solution.de/REF_RevAutExchangOtp/Sign_in_arrow.png IP62.176.232.218:443
Requested byhttps://exchange.add-solution.de/owa_ocbcadejsm_form CertificateIssuerSectigo Limited Subject*.add-solution.de Fingerprint91:18:C5:42:AD:81:E6:A9:CA:D9:A5:3C:E6:30:45:34:2A:EB:38:77 ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT
File typePNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced Hash2fc55ac36211fb6b5a051281cc4898ad 5e2b2882d0bdbe593429a43de72ee3c3652e62ce 07f38b8b8c1f96ed85ecd96988f0454a95d1f665427086a507c72e55ff3ce0e7
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Office365 |
GET /REF_RevAutExchangOtp/Sign_in_arrow.png HTTP/1.1
Host: exchange.add-solution.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exchange.add-solution.de/owa_ocbcadejsm_form
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 17:34:26 GMT
Server: Apache
Last-Modified: Thu, 02 May 2024 22:00:35 GMT
ETag: "5a1-6177fbb8ceae9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1156
Keep-Alive: timeout=15, max=96
Connection: Keep-Alive
Content-Type: image/png
|
|
| exchange.add-solution.de/REF_RevAutExchangOtp/olk_logo_white.png | 62.176.232.218 | 200 OK | 2.2 kB |
URL GET HTTP/1.1exchange.add-solution.de/REF_RevAutExchangOtp/olk_logo_white.png IP62.176.232.218:443
Requested byhttps://exchange.add-solution.de/owa_ocbcadejsm_form CertificateIssuerSectigo Limited Subject*.add-solution.de Fingerprint91:18:C5:42:AD:81:E6:A9:CA:D9:A5:3C:E6:30:45:34:2A:EB:38:77 ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT
File typePNG image data, 128 x 108, 8-bit/color RGBA, non-interlaced Hashfb4df93a98b7af6880c126a8318a60a8 282d061aecb8ddfbb2c78225fc7f0cd58d9fce48 d9ed6586942003696afe4e52b09f343f8342244b51a9e175b75162d7e615207b
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Office365 |
GET /REF_RevAutExchangOtp/olk_logo_white.png HTTP/1.1
Host: exchange.add-solution.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exchange.add-solution.de/owa_ocbcadejsm_form
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 17:34:26 GMT
Server: Apache
Last-Modified: Thu, 02 May 2024 22:00:35 GMT
ETag: "9c7-6177fbb8b3569-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2187
Keep-Alive: timeout=15, max=95
Connection: Keep-Alive
Content-Type: image/png
|
|
| exchange.add-solution.de/favicon.ico | 62.176.232.218 | 302 Found | 120 B |
URL GET HTTP/1.1exchange.add-solution.de/favicon.ico IP62.176.232.218:443
Requested byhttps://exchange.add-solution.de/owa_ocbcadejsm_form CertificateIssuerSectigo Limited Subject*.add-solution.de Fingerprint91:18:C5:42:AD:81:E6:A9:CA:D9:A5:3C:E6:30:45:34:2A:EB:38:77 ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash1402a8c2273faba409410a35aa159ae5 ca7665045a1142d26c553b53950fe72387195cd8 e884c04118a33e5a37351fbfd265f99362ec20ed4d9d1cce2a99ed89e83446bd
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Office365 |
GET /favicon.ico HTTP/1.1
Host: exchange.add-solution.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exchange.add-solution.de/owa_ocbcadejsm_form
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Sat, 04 May 2024 17:34:26 GMT
Server: Apache
Content-Type: text/html; charset=utf-8
Location: /owa/favicon.ico?s=BAD6EE0B2F0E6E084A42B96D89C1AB6C6AC21E2A
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 120
Keep-Alive: timeout=15, max=94
Connection: Keep-Alive
|
|
| exchange.add-solution.de/owa/favicon.ico?s=BAD6EE0B2F0E6E084A42B96D89C1AB6C6AC21E2A | 62.176.232.218 | 302 Found | 229 B |
URL GET HTTP/1.1exchange.add-solution.de/owa/favicon.ico?s=BAD6EE0B2F0E6E084A42B96D89C1AB6C6AC21E2A IP62.176.232.218:443
Requested byhttps://exchange.add-solution.de/owa_ocbcadejsm_form CertificateIssuerSectigo Limited Subject*.add-solution.de Fingerprint91:18:C5:42:AD:81:E6:A9:CA:D9:A5:3C:E6:30:45:34:2A:EB:38:77 ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT
File typeHTML document, ASCII text Hashc9419667f409d368312b244d92045375 309b06e0b712d6653dbfe1970901207f6c68d703 19eef92eb57a44bfc2efbfcaf35c79650f812a5621241f597d7de0608ab6aade
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Office365 |
GET /owa/favicon.ico?s=BAD6EE0B2F0E6E084A42B96D89C1AB6C6AC21E2A HTTP/1.1
Host: exchange.add-solution.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exchange.add-solution.de/owa_ocbcadejsm_form
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Sat, 04 May 2024 17:34:26 GMT
Server: Apache
Set-Cookie: ocbcadejsm_cookie=;Max-Age=0;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/;httponly;secure
Location: /owa_ocbcadejsm_form?L293YS9mYXZpY29uLmljbz8=
Cache-Control: no-cache
Content-Length: 229
Keep-Alive: timeout=15, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| exchange.add-solution.de/owa_ocbcadejsm_form?L293YS9mYXZpY29uLmljbz8= | 62.176.232.218 | 200 OK | 1.1 kB |
URL GET HTTP/1.1exchange.add-solution.de/owa_ocbcadejsm_form?L293YS9mYXZpY29uLmljbz8= IP62.176.232.218:443
Requested byhttps://exchange.add-solution.de/owa_ocbcadejsm_form CertificateIssuerSectigo Limited Subject*.add-solution.de Fingerprint91:18:C5:42:AD:81:E6:A9:CA:D9:A5:3C:E6:30:45:34:2A:EB:38:77 ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT
File typeHTML document, ASCII text Hash383aab631d026d1bb73095156f5e20f5 c8178a88960ac9164678669e288f57b2f515b028 4ca8c8e6e02f07dce8259eba1498b0c32927062e323abbc23b6911d2924b6b1e
GET /owa_ocbcadejsm_form?L293YS9mYXZpY29uLmljbz8= HTTP/1.1
Host: exchange.add-solution.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exchange.add-solution.de/owa_ocbcadejsm_form
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 17:34:26 GMT
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1112
Keep-Alive: timeout=15, max=92
Connection: Keep-Alive
Content-Type: text/html
|
|