| asistenciahoy.com/?r=490d1292-d995-4704-ab96-87b1621ff5f1&rg=eu | 63.32.244.164 | 200 OK | 25 kB |
URL (User Request): GET HTTP/1.1 asistenciahoy.com/?r=490d1292-d995-4704-ab96-87b1621ff5f1&rg=eu | IP: 63.32.244.164:443
Certificate: Issuer: Let's Encrypt | Subject: companypolicy.ie | Fingerprint: C8:46:65:EA:E3:9D:BF:9D:A6:6E:52:34:69:1A:1E:6B:5C:25:D8:36 | Validity: Tue, 23 Apr 2024 13:10:22 GMT - Mon, 22 Jul 2024 13:10:21 GMT
File type: HTML document, ASCII text, with very long lines (24671), with no line terminators | Hash: 5682192fc86348e3de5cc54212368d27 4818f841689d840594c720a98f9ae651251caf42 9ada8549c7f272cbd31964b8d533708f913af392ef5d3dc8042812c4d6874013
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Salesforce |
GET /?r=490d1292-d995-4704-ab96-87b1621ff5f1&rg=eu HTTP/1.1
Host: asistenciahoy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Sat, 04 May 2024 21:16:55 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 24671
Connection: keep-alive
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1714857415&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=AFtpojxL0NCROeO6EKXYDC5bmyhIwg9cw4B5KvBl%2Fos%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1714857415&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=AFtpojxL0NCROeO6EKXYDC5bmyhIwg9cw4B5KvBl%2Fos%3D
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Powered-By: Express
Access-Control-Allow-Origin: *
Etag: W/"605f-SBj4QWidhAWUxyCpj5rmUSUcr0I"
Via: 1.1 vegur
|
|
| asistenciahoy.com/js/usecure.env.js?v=87f737fd-015a-4754-ae7a-f1aeb21f7100 | 63.32.244.164 | 200 OK | 170 B |
URL: GET HTTP/1.1 asistenciahoy.com/js/usecure.env.js?v=87f737fd-015a-4754-ae7a-f1aeb21f7100 | IP: 63.32.244.164:443
Requested by: https://asistenciahoy.com/?r=490d1292-d995-4704-ab96-87b1621ff5f1&rg=eu
Certificate: Issuer: Let's Encrypt | Subject: companypolicy.ie | Fingerprint: C8:46:65:EA:E3:9D:BF:9D:A6:6E:52:34:69:1A:1E:6B:5C:25:D8:36 | Validity: Tue, 23 Apr 2024 13:10:22 GMT - Mon, 22 Jul 2024 13:10:21 GMT
Hash: d9fe999bffe058ad04db8fb08185b999 b2fa85ab5e5e26fa162976655d521cad9645b91c 7549bac5f667848983c85e3ba8e22acf0d6ca930c8de578998a65a7c498ac6fe
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Salesforce |
GET /js/usecure.env.js?v=87f737fd-015a-4754-ae7a-f1aeb21f7100 HTTP/1.1
Host: asistenciahoy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asistenciahoy.com/?r=490d1292-d995-4704-ab96-87b1621ff5f1&rg=eu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Sat, 04 May 2024 21:16:55 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 170
Connection: keep-alive
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1714857415&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=AFtpojxL0NCROeO6EKXYDC5bmyhIwg9cw4B5KvBl%2Fos%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1714857415&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=AFtpojxL0NCROeO6EKXYDC5bmyhIwg9cw4B5KvBl%2Fos%3D
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 03 May 2024 21:03:03 GMT
Etag: W/"aa-18f404486e0"
Via: 1.1 vegur
|
|
| s3.eu-west-1.amazonaws.com/usecure/wysiwyg1624404413342-Craigslist+LOGIN1.png | 52.92.20.64 | 200 OK | 3.0 kB |
URL: GET HTTP/1.1 s3.eu-west-1.amazonaws.com/usecure/wysiwyg1624404413342-Craigslist+LOGIN1.png | IP: 52.92.20.64:443
Requested by: https://asistenciahoy.com/?r=490d1292-d995-4704-ab96-87b1621ff5f1&rg=eu
Certificate: Issuer: Amazon | Subject: *.s3-eu-west-1.amazonaws.com | Fingerprint: 49:42:4E:99:9B:99:CB:89:18:03:B0:67:44:1E:3F:5D:9A:CD:21:1C | Validity: Wed, 31 Jan 2024 00:00:00 GMT - Wed, 15 Jan 2025 23:59:59 GMT
File type: PNG image data, 688 x 48, 8-bit/color RGB, non-interlaced | Hash: 9ba29322ce47d7ae2ce564d1018b7bc6 c829ddb9331f1442db75ce446701b776b776af5d 5eeeda66d84098ae3ebd1c96707ca040b8250cca5a0556528328cd96e6208356
GET /usecure/wysiwyg1624404413342-Craigslist+LOGIN1.png HTTP/1.1
Host: s3.eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asistenciahoy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: RGd5ZGNgMm+wJF25crkR/Xcdhmb/8y/OjK3XrL6HM7k0qW8gNw7oZWtatMbGIh65z4ge8NS6/w8=
x-amz-request-id: 4X0M9RK2YPC5JTW3
Date: Sat, 04 May 2024 21:16:56 GMT
Last-Modified: Tue, 22 Jun 2021 23:26:56 GMT
ETag: "9ba29322ce47d7ae2ce564d1018b7bc6"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 2958
|
|
| s3.eu-west-1.amazonaws.com/usecure/wysiwyg1624404549049-Craigslist+LOGIN2.png | 52.92.20.64 | 200 OK | 3.4 kB |
URL: GET HTTP/1.1 s3.eu-west-1.amazonaws.com/usecure/wysiwyg1624404549049-Craigslist+LOGIN2.png | IP: 52.92.20.64:443
Requested by: https://asistenciahoy.com/?r=490d1292-d995-4704-ab96-87b1621ff5f1&rg=eu
Certificate: Issuer: Amazon | Subject: *.s3-eu-west-1.amazonaws.com | Fingerprint: 49:42:4E:99:9B:99:CB:89:18:03:B0:67:44:1E:3F:5D:9A:CD:21:1C | Validity: Wed, 31 Jan 2024 00:00:00 GMT - Wed, 15 Jan 2025 23:59:59 GMT
File type: PNG image data, 777 x 40, 8-bit/color RGB, non-interlaced | Hash: 1a705733aa5803d7bf6099dc4ca7f760 9106fe598e56ee74125318483213b5a5ac92e15e ec2694cfe7d6c68f5a15e7b56b7a679d5b73c6dec37fed55b8a1f21f646a03bd
GET /usecure/wysiwyg1624404549049-Craigslist+LOGIN2.png HTTP/1.1
Host: s3.eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asistenciahoy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 0tIbVxzppTrO3xKyLnsx84sTYSNEYTT+0g8NMwVAcUTilKPUklHCmaYtTq2tLx6Qg3YGa2+D67A=
x-amz-request-id: 4X0NADSTC294J764
Date: Sat, 04 May 2024 21:16:56 GMT
Last-Modified: Tue, 22 Jun 2021 23:29:11 GMT
ETag: "1a705733aa5803d7bf6099dc4ca7f760"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 3388
|
|
| asistenciahoy.com/js/usecure.bundle.js?v=87f737fd-015a-4754-ae7a-f1aeb21f7100 | 63.32.244.164 | 200 OK | 286 kB |
URL: GET HTTP/1.1 asistenciahoy.com/js/usecure.bundle.js?v=87f737fd-015a-4754-ae7a-f1aeb21f7100 | IP: 63.32.244.164:443
Requested by: https://asistenciahoy.com/?r=490d1292-d995-4704-ab96-87b1621ff5f1&rg=eu
Certificate: Issuer: Let's Encrypt | Subject: companypolicy.ie | Fingerprint: C8:46:65:EA:E3:9D:BF:9D:A6:6E:52:34:69:1A:1E:6B:5C:25:D8:36 | Validity: Tue, 23 Apr 2024 13:10:22 GMT - Mon, 22 Jul 2024 13:10:21 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (33574) | Size: 286 kB (286117 bytes) | Hash: 5680b969424bb7d67f18ebb020b6ce29 c67c9f1ffeb53e3dd00c8368f67316245f742251 56969550e0e7344ea18e7f1262f207f93c27f4125772b440370344cf51d626a5
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Salesforce |
GET /js/usecure.bundle.js?v=87f737fd-015a-4754-ae7a-f1aeb21f7100 HTTP/1.1
Host: asistenciahoy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asistenciahoy.com/?r=490d1292-d995-4704-ab96-87b1621ff5f1&rg=eu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Sat, 04 May 2024 21:16:55 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 286117
Connection: keep-alive
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1714857415&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=AFtpojxL0NCROeO6EKXYDC5bmyhIwg9cw4B5KvBl%2Fos%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1714857415&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=AFtpojxL0NCROeO6EKXYDC5bmyhIwg9cw4B5KvBl%2Fos%3D
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 25 Mar 2024 17:38:50 GMT
Etag: W/"45da5-18e76b18810"
Via: 1.1 vegur
|
|
| asistenciahoy.com/favicon.ico | 63.32.244.164 | 404 Not Found | 189 B |
URL: GET HTTP/1.1 asistenciahoy.com/favicon.ico | IP: 63.32.244.164:443
Requested by: https://asistenciahoy.com/?r=490d1292-d995-4704-ab96-87b1621ff5f1&rg=eu
Certificate: Issuer: Let's Encrypt | Subject: companypolicy.ie | Fingerprint: C8:46:65:EA:E3:9D:BF:9D:A6:6E:52:34:69:1A:1E:6B:5C:25:D8:36 | Validity: Tue, 23 Apr 2024 13:10:22 GMT - Mon, 22 Jul 2024 13:10:21 GMT
File type: HTML document, ASCII text, with no line terminators | Hash: c9f6f82c0b1e2d6eb40294f876eac55e abe89f9bfb756bbdfb2f535420e10bb5625eb4e2 9dcc361cf979ea9471e1076ab30724c665229614d2d7432dfe9127c8b6d3a443
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Salesforce |
GET /favicon.ico HTTP/1.1
Host: asistenciahoy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asistenciahoy.com/?r=490d1292-d995-4704-ab96-87b1621ff5f1&rg=eu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.20.0
Date: Sat, 04 May 2024 21:16:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 189
Connection: keep-alive
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1714857416&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=0s6eeTfdylIUeMEYWrWO4U2tHGkuU%2FByYZaZv2LeySQ%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1714857416&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=0s6eeTfdylIUeMEYWrWO4U2tHGkuU%2FByYZaZv2LeySQ%3D
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Powered-By: Express
Access-Control-Allow-Origin: *
Etag: W/"bd-q+ifm/t1a737L1NUIOELtWJetOI"
Via: 1.1 vegur
|
|
| fonts.googleapis.com/css?family=Source+Sans+Pro | 142.250.74.106 | 200 OK | 5.8 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro | IP: 142.250.74.106:443
Requested by: https://asistenciahoy.com/?r=490d1292-d995-4704-ab96-87b1621ff5f1&rg=eu
Certificate: Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: gzip compressed data, max compression | Hash: 86d9536c80c2aff87d4c6a6b5eda491b 938e67203ca6aae06946d002e6c774c967672dd0 451298c40521ecb52a36e2e2b0b32c21d27907352d394d67926f2b1eb61f1af4
GET /css?family=Source+Sans+Pro HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asistenciahoy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 21:16:56 GMT
date: Sat, 04 May 2024 21:16:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| api.usecure.io/api/uPhish/results/visit | 172.66.43.77 | 200 OK | 2.4 kB |
URL: POST HTTP/2 api.usecure.io/api/uPhish/results/visit | IP: 172.66.43.77:443
Requested by: https://asistenciahoy.com/?r=490d1292-d995-4704-ab96-87b1621ff5f1&rg=eu
Certificate: Issuer: Let's Encrypt | Subject: usecure.io | Fingerprint: EF:44:41:BD:24:79:93:A3:9B:DF:74:51:1B:EA:5F:D4:C8:8C:10:7F | Validity: Thu, 25 Apr 2024 14:59:39 GMT - Wed, 24 Jul 2024 14:59:38 GMT
Hash: 3eca6fbf0eefa58a77891d566518f14b e768ee26c8e1554b0c53f687684432f742e05538 a99afd8433b780c289fc0288ff49dd23b0fa724151a27228f34055e39bea5e16
POST /api/uPhish/results/visit HTTP/1.1
Host: api.usecure.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 11504
Origin: https://asistenciahoy.com
DNT: 1
Connection: keep-alive
Referer: https://asistenciahoy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:56 GMT
content-type: application/json; charset=utf-8
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1714857416&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=Zm23paHaR%2Fgzn7a0ccfWh%2BTp1fTRp1XtWdRjJ1m61AA%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1714857416&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=Zm23paHaR%2Fgzn7a0ccfWh%2BTp1fTRp1XtWdRjJ1m61AA%3D
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
access-control-allow-origin: https://asistenciahoy.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
content-security-policy: frame-ancestors 'self' https://*.usecure.io https://*.user-training.com
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
etag: W/"66-52juJsjhVUsMU/aHaEQy90LgVTg"
via: 1.1 vegur
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87eb83c6183456b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|