mail.findim.ch/
212.243.65.58 0 B IP 212.243.65.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET / HTTP/1.1
Host: mail.findim.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Pragma: no-cache
Location: https://mail.findim.ch/owa/
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 18 Apr 2024 22:53:10 GMT
Connection: close
Content-Length: 0
mail.findim.ch/owa/
212.243.65.58 214 B IP 212.243.65.58:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 89dfaeda3249c366b92386e704a5feb4
2f547de92c636082d9ac244b8df83e3545cbe43a
887ab9230a8353fb1b696a1b20c07969f144db81da26a455fc39b9e9bdcea859
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/ HTTP/1.1
Host: mail.findim.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Location: https://mail.findim.ch/owa/auth/logon.aspx?url=https%3a%2f%2fmail.findim.ch%2fowa%2f&reason=0
Server: Microsoft-IIS/8.5
request-id: 34fdb6d6-2c24-4de2-aaca-522791a3834d
Set-Cookie: ClientId=VVUSOYUNKKZUAVVSYJMG; expires=Fri, 18-Apr-2025 22:53:10 GMT; path=/; HttpOnly
X-OWA-Version: 15.0.1497.36
X-Powered-By: ASP.NET
X-FEServer: FGEX200
Date: Thu, 18 Apr 2024 22:53:10 GMT
Content-Length: 214
mail.findim.ch/owa/auth/logon.aspx?url=https%3a%2f%2fmail.findim.ch%2fowa%2f&reason=0
212.243.65.58 28 kB URL mail.findim.ch/owa/auth/logon.aspx?url=https%3a%2f%2fmail.findim.ch%2fowa%2f&reason=0
IP 212.243.65.58:0
File type HTML document, ASCII text, with very long lines (1062), with CRLF, LF line terminators
Hash 2017487ae189caa8b17f167d63cd5665
f4c88405956c86d78290c17c978d97fc2195cdcd
fe5ee2e469eacdad562037bfa213d0237075c11d40850e562e21752d7448a6f9
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/logon.aspx?url=https%3a%2f%2fmail.findim.ch%2fowa%2f&reason=0 HTTP/1.1
Host: mail.findim.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ClientId=VVUSOYUNKKZUAVVSYJMG
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/8.5
request-id: 8e48fdf7-d7ab-4a19-8054-34b8770d5c13
X-Frame-Options: SAMEORIGIN
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Thu, 18 Apr 2024 22:53:10 GMT
Content-Length: 27983
mail.findim.ch/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail.findim.ch%2fowa%2f
212.243.65.58 200 OK 56 kB URL User Request GET HTTP/1.1 mail.findim.ch/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail.findim.ch%2fowa%2f
IP 212.243.65.58:443
Certificate Issuer GoDaddy.com, Inc.
Subject mail.findim.ch
Fingerprint FC:C4:15:51:9D:7A:0B:5B:2C:7B:C4:17:DB:79:C5:28:E9:0B:7E:8E
Validity Sat, 23 Sep 2023 06:14:34 GMT - Mon, 26 Aug 2024 18:56:35 GMT
File type HTML document, ASCII text, with very long lines (7903), with CRLF, LF line terminators
Hash 1545b4f33443bc93e1f2fe0a902cfdef
713c3a49a29430b3a9c564a989f7c4e6bbe16acb
7dc3b685e7d970438992d750b0519975f27e3a39825ca946fc18d48d1a89d63a
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail.findim.ch%2fowa%2f HTTP/1.1
Host: mail.findim.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.findim.ch/owa/auth/logon.aspx?url=https%3a%2f%2fmail.findim.ch%2fowa%2f&reason=0
Cookie: ClientId=VVUSOYUNKKZUAVVSYJMG
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/8.5
request-id: fa1b94ca-e75c-41f8-9360-d0f64f9febf9
X-Frame-Options: SAMEORIGIN
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Thu, 18 Apr 2024 22:53:10 GMT
Content-Length: 56328
mail.findim.ch/owa/auth/15.0.1497/themes/resources/segoeui-regular.ttf
212.243.65.58 200 OK 57 kB URL GET HTTP/1.1 mail.findim.ch/owa/auth/15.0.1497/themes/resources/segoeui-regular.ttf
IP 212.243.65.58:443
Requested by https://mail.findim.ch/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail.findim.ch%2fowa%2f
Certificate Issuer GoDaddy.com, Inc.
Subject mail.findim.ch
Fingerprint FC:C4:15:51:9D:7A:0B:5B:2C:7B:C4:17:DB:79:C5:28:E9:0B:7E:8E
Validity Sat, 23 Sep 2023 06:14:34 GMT - Mon, 26 Aug 2024 18:56:35 GMT
File type TrueType Font data, 18 tables, 1st "LTSH", 11 names, Microsoft, language 0x409, © 2010 Microsoft Corporation. All Rights Reserved.RegularSegoe UI RegularVersion 0.81 Build 159S
Hash 8af990b6ad3ba192c2dd6a193890bf5f
4db5bf117ff8f1392fab3b438216d7cff4ae4976
c147c2ec76a8ab8bd5082f1f4d3f80a43c689165cb164cdd812e44048fe38708
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/15.0.1497/themes/resources/segoeui-regular.ttf HTTP/1.1
Host: mail.findim.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.findim.ch/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail.findim.ch%2fowa%2f
Cookie: ClientId=VVUSOYUNKKZUAVVSYJMG
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: application/octet-stream
Last-Modified: Wed, 29 May 2019 00:02:58 GMT
Accept-Ranges: bytes
ETag: "0e579dfb115d51:0"
Server: Microsoft-IIS/8.5
request-id: 0c591350-f401-4415-bbc4-88c54ce49553
X-Powered-By: ASP.NET
Date: Thu, 18 Apr 2024 22:53:10 GMT
Content-Length: 56760
mail.findim.ch/owa/auth/15.0.1497/themes/resources/segoeui-semilight.ttf
212.243.65.58 200 OK 42 kB URL GET HTTP/1.1 mail.findim.ch/owa/auth/15.0.1497/themes/resources/segoeui-semilight.ttf
IP 212.243.65.58:443
Requested by https://mail.findim.ch/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail.findim.ch%2fowa%2f
Certificate Issuer GoDaddy.com, Inc.
Subject mail.findim.ch
Fingerprint FC:C4:15:51:9D:7A:0B:5B:2C:7B:C4:17:DB:79:C5:28:E9:0B:7E:8E
Validity Sat, 23 Sep 2023 06:14:34 GMT - Mon, 26 Aug 2024 18:56:35 GMT
File type TrueType Font data, 16 tables, 1st "OS/2", 11 names, Microsoft, language 0x409, © 2010 Microsoft Corporation. All Rights Reserved.RegularSegoe UI SemilightVersion 1.00 build 16
Hash 6c26c24aabe31040657665b1e0d9505c
b3bdc48643752665e3e5798a192b27432a87d234
2d508a6e8979bba74b6fdf804c01a09a620c781e0fea73a8eefda904f5bcab25
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/15.0.1497/themes/resources/segoeui-semilight.ttf HTTP/1.1
Host: mail.findim.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.findim.ch/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail.findim.ch%2fowa%2f
Cookie: ClientId=VVUSOYUNKKZUAVVSYJMG
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: application/octet-stream
Last-Modified: Wed, 29 May 2019 00:02:58 GMT
Accept-Ranges: bytes
ETag: "0e579dfb115d51:0"
Server: Microsoft-IIS/8.5
request-id: d9d63001-d5b0-4889-b7a7-bfb8a4306547
X-Powered-By: ASP.NET
Date: Thu, 18 Apr 2024 22:53:10 GMT
Content-Length: 41560
mail.findim.ch/owa/auth/15.0.1497/themes/resources/favicon.ico
212.243.65.58 200 OK 7.9 kB URL GET HTTP/1.1 mail.findim.ch/owa/auth/15.0.1497/themes/resources/favicon.ico
IP 212.243.65.58:443
Requested by https://mail.findim.ch/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail.findim.ch%2fowa%2f
Certificate Issuer GoDaddy.com, Inc.
Subject mail.findim.ch
Fingerprint FC:C4:15:51:9D:7A:0B:5B:2C:7B:C4:17:DB:79:C5:28:E9:0B:7E:8E
Validity Sat, 23 Sep 2023 06:14:34 GMT - Mon, 26 Aug 2024 18:56:35 GMT
File type MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
Hash 759fade9033aa298629e4b000dcd6dde
34a1adf5c7326d7bde5b5735471b5d81e611c189
cf0808a61ec571e0c4975663903b288009d55502ac0445d9948983b339a5cf6e
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/15.0.1497/themes/resources/favicon.ico HTTP/1.1
Host: mail.findim.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.findim.ch/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail.findim.ch%2fowa%2f
Cookie: ClientId=VVUSOYUNKKZUAVVSYJMG
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: image/x-icon
Last-Modified: Wed, 29 May 2019 00:02:58 GMT
Accept-Ranges: bytes
ETag: "0e579dfb115d51:0"
Server: Microsoft-IIS/8.5
request-id: 286feae7-d203-4105-822d-4d562634decb
X-Powered-By: ASP.NET
Date: Thu, 18 Apr 2024 22:53:10 GMT
Content-Length: 7886