geant.ocsp.sectigo.com/
104.18.38.233 727 B IP 104.18.38.233:0
Hash 6e32e6f294110cb0ff71eeb022782e56
f0d6b13918927d1a8f1b3e520b4d0796c45ae231
7b7a8b10b43c4aece212790a6184cdd49698c2df6bd944256088c055d7850625
POST / HTTP/1.1
Host: geant.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 16:23:03 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 04:44:22 GMT
Expires: Tue, 23 Apr 2024 04:44:21 GMT
Etag: "f0d6b13918927d1a8f1b3e520b4d0796c45ae231"
Cache-Control: max-age=477280,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 875dc1e388a9be56-CPH
geant.ocsp.sectigo.com/
104.18.38.233 727 B IP 104.18.38.233:0
Hash 6e32e6f294110cb0ff71eeb022782e56
f0d6b13918927d1a8f1b3e520b4d0796c45ae231
7b7a8b10b43c4aece212790a6184cdd49698c2df6bd944256088c055d7850625
POST / HTTP/1.1
Host: geant.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 16:23:03 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 04:44:22 GMT
Expires: Tue, 23 Apr 2024 04:44:21 GMT
Etag: "f0d6b13918927d1a8f1b3e520b4d0796c45ae231"
Cache-Control: max-age=475971,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 875dc1e3888b930d-CPH
mail.rwth-aachen.de/owa/auth/15.2.1544/themes/resources/segoeui-regular.ttf
137.226.78.60 200 OK 57 kB URL GET HTTP/1.1 mail.rwth-aachen.de/owa/auth/15.2.1544/themes/resources/segoeui-regular.ttf
IP 137.226.78.60:443
ASN #47610 RWTH Aachen University
Requested by https://elpage.elecrama.com/wp-includes/findings/sso.rwth-aachen.de.html
Certificate Issuer GEANT Vereniging
Subject mail.rwth-aachen.de
Fingerprint 4E:1B:96:FE:F2:C1:89:B9:9F:B9:6E:1B:0B:2A:EA:6A:2A:1B:6D:47
Validity Tue, 29 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File type TrueType Font data, 18 tables, 1st "LTSH", 11 names, Microsoft, language 0x409, © 2010 Microsoft Corporation. All Rights Reserved.RegularSegoe UI RegularVersion 0.81 Build 159S
Hash 8af990b6ad3ba192c2dd6a193890bf5f
4db5bf117ff8f1392fab3b438216d7cff4ae4976
c147c2ec76a8ab8bd5082f1f4d3f80a43c689165cb164cdd812e44048fe38708
GET /owa/auth/15.2.1544/themes/resources/segoeui-regular.ttf HTTP/1.1
Host: mail.rwth-aachen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://elpage.elecrama.com
DNT: 1
Connection: keep-alive
Referer: https://elpage.elecrama.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: application/octet-stream
Last-Modified: Thu, 21 Dec 2023 07:34:58 GMT
Accept-Ranges: bytes
ETag: "0bdde32e033da1:0"
Server: Microsoft-IIS/10.0
request-id: e28f0e17-5aee-4a80-bcb9-b6136df36b54
X-Powered-By: ASP.NET
Connection: Keep-Alive
Date: Wed, 17 Apr 2024 16:23:03 GMT
Age: 33514
Content-Length: 56760
mail.rwth-aachen.de/owa/auth/15.2.1544/themes/resources/segoeui-semilight.ttf
137.226.78.60 200 OK 42 kB URL GET HTTP/1.1 mail.rwth-aachen.de/owa/auth/15.2.1544/themes/resources/segoeui-semilight.ttf
IP 137.226.78.60:443
ASN #47610 RWTH Aachen University
Requested by https://elpage.elecrama.com/wp-includes/findings/sso.rwth-aachen.de.html
Certificate Issuer GEANT Vereniging
Subject mail.rwth-aachen.de
Fingerprint 4E:1B:96:FE:F2:C1:89:B9:9F:B9:6E:1B:0B:2A:EA:6A:2A:1B:6D:47
Validity Tue, 29 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File type TrueType Font data, 16 tables, 1st "OS/2", 11 names, Microsoft, language 0x409, © 2010 Microsoft Corporation. All Rights Reserved.RegularSegoe UI SemilightVersion 1.00 build 16
Hash 6c26c24aabe31040657665b1e0d9505c
b3bdc48643752665e3e5798a192b27432a87d234
2d508a6e8979bba74b6fdf804c01a09a620c781e0fea73a8eefda904f5bcab25
GET /owa/auth/15.2.1544/themes/resources/segoeui-semilight.ttf HTTP/1.1
Host: mail.rwth-aachen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://elpage.elecrama.com
DNT: 1
Connection: keep-alive
Referer: https://elpage.elecrama.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: application/octet-stream
Last-Modified: Thu, 21 Dec 2023 07:34:57 GMT
Accept-Ranges: bytes
ETag: "80264632e033da1:0"
Server: Microsoft-IIS/10.0
request-id: 36458abf-7319-4b2c-907a-22031a5cca73
X-Powered-By: ASP.NET
Connection: Keep-Alive
Date: Wed, 17 Apr 2024 16:23:03 GMT
Age: 33586
Content-Length: 41560
mail.rwth-aachen.de/owa/auth/15.2.1544/themes/resources/favicon.ico
137.226.78.60 200 OK 7.9 kB URL GET HTTP/1.1 mail.rwth-aachen.de/owa/auth/15.2.1544/themes/resources/favicon.ico
IP 137.226.78.60:443
ASN #47610 RWTH Aachen University
Requested by https://elpage.elecrama.com/wp-includes/findings/sso.rwth-aachen.de.html
Certificate Issuer GEANT Vereniging
Subject mail.rwth-aachen.de
Fingerprint 4E:1B:96:FE:F2:C1:89:B9:9F:B9:6E:1B:0B:2A:EA:6A:2A:1B:6D:47
Validity Tue, 29 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
Hash 759fade9033aa298629e4b000dcd6dde
34a1adf5c7326d7bde5b5735471b5d81e611c189
cf0808a61ec571e0c4975663903b288009d55502ac0445d9948983b339a5cf6e
GET /owa/auth/15.2.1544/themes/resources/favicon.ico HTTP/1.1
Host: mail.rwth-aachen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elpage.elecrama.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: image/x-icon
Last-Modified: Thu, 21 Dec 2023 08:15:38 GMT
Accept-Ranges: bytes
ETag: "03139e1e533da1:0"
Server: Microsoft-IIS/10.0
request-id: 44212fec-d131-46e9-a5c2-4352e11ba56d
X-Powered-By: ASP.NET
Connection: Keep-Alive
Date: Wed, 17 Apr 2024 16:23:03 GMT
Age: 30970
Content-Length: 7886
elpage.elecrama.com/wp-includes/findings/sso.rwth-aachen.de.html
35.189.109.142 200 OK 61 kB URL User Request GET HTTP/2 elpage.elecrama.com/wp-includes/findings/sso.rwth-aachen.de.html
IP 35.189.109.142:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject elpage.elecrama.com
Fingerprint 6B:47:A3:04:EE:EF:99:DA:9E:67:E2:49:99:A8:7F:48:8A:74:2C:90
Validity Mon, 04 Mar 2024 19:31:16 GMT - Sun, 02 Jun 2024 19:31:15 GMT
File type HTML document, ASCII text, with very long lines (10414), with CRLF line terminators
Hash 8c61a5cf0cd73192c0986a11569c28ef
89d59ba80aff016a9a7d3d078c441a9070e80219
cd5d671179bad9906a60a55a5a30c700ba7496f1b9c25ca011236d68bc3af3f2
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Microsoft
Analyzer: OpenPhish; Verdict: phishing; Alert: Outlook
GET /wp-includes/findings/sso.rwth-aachen.de.html HTTP/1.1
Host: elpage.elecrama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 17 Apr 2024 16:23:02 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
last-modified: Wed, 17 Apr 2024 08:35:56 GMT
x-powered-by: WP Engine
content-language: de
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
etag: W/"efbb-61646be4b840b-gzip"
x-cache: HIT: 11
x-cache-group: normal
content-encoding: br
X-Firefox-Spdy: h2