{"report_id":"f7306b65-4d0d-49e5-a12c-a9da0b3a3937","version":6,"status":"done","tags":["phishing","microsoft","outlook"],"date":"2023-09-08T17:08:29Z","url":{"schema":"http","addr":"belquisebarreto.com.br/.test509/xdfhccgcfhgjvhjgjufcjjgj/bWFyaXNzYS5nYXJjaWFAaW5zZ3JvdXAubmV0","fqdn":"belquisebarreto.com.br","domain":"belquisebarreto.com.br","tld":"com.br"},"ip":{"addr":"108.179.252.87","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","fqdn":"6ceb104b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"title":"Baldwin Risk Partners - Sign In"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-28T07:44:43Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"belquisebarreto.com.br","ip":{"addr":"108.179.252.87","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"domain_registered":"2023-07-05","domain_rank":0,"first_seen":"2023-07-16 18:37:13","last_seen":"2023-09-07 17:37:05","alert_count":1,"request_count":1,"received_data":234,"sent_data":549,"comment":"","tags":null,"fingerprints":null},{"fqdn":"login-okta.inoffice.click","ip":{"addr":"138.68.106.129","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":4,"received_data":264744,"sent_data":2775,"comment":"","tags":null,"fingerprints":null},{"fqdn":"microsoft.inoffice.click","ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":3,"request_count":3,"received_data":305078,"sent_data":1957,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ef0b005b-6272bb49.inoffice.click","ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":10,"received_data":2254962,"sent_data":6223,"comment":"","tags":null,"fingerprints":null},{"fqdn":"6ceb104b-6272bb49.inoffice.click","ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":4,"received_data":42999,"sent_data":5605,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","fqdn":"6ceb104b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"6db30c21e46e3fd4da11a95373f477fe","sha1":"294e8bf8349b013eaebe183871ba213be63eb8cd","sha256":"e22fd480546ae46579ff3086fa5df315ec28b97da561e6e869f0c68452e1c6fb","sha512":"c371e4e7d32593deb244263e827dc6bf5120d4a17514b0cf5d8c5e9df21d2180e4b97bd9636cca5d34e6c9dd0be526d87335c19da16b5ed6b628477131f98bb7","ssdeep":"","tlshash":"40a011208cbaa003022f38c0f3c22022aee88af202282220822c82e080088028bce303","size":77,"data":"","first_seen":"2023-03-07T12:10:48Z","last_seen":"2026-04-09T00:36:36.302573Z","times_seen":2213,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","fqdn":"6ceb104b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"32b97ddc56c72b1b16b05012f0a9a4f5","sha1":"c69c37c64abb44206ed34f950fba4c4ade8db092","sha256":"425a2f27ebf229c05067a80d122b07f3cb0adb52aefd27bd2b383c8b4f11583b","sha512":"451e6372a06bb0e22aaa9f16d6e231846594d586910b0910bab8959ac00ec98d80f3b206dd1da2412da5e116aee531dd5b92ec67dd099d1c3b075f56e8317963","ssdeep":"","tlshash":"b4a022080a223308e0b0ba00228b0eaac0f8083c38280be028022000333a2afbe03f30","size":64,"data":"","first_seen":"2024-08-21T07:16:49.649115Z","last_seen":"2024-08-21T07:16:49.649115Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ef0b005b-6272bb49.inoffice.click/assets/js/mvc/loginpage/initLoginPage.pack.d05a8c2e6bdf6d212b92af4d6b9cfefe.js","fqdn":"ef0b005b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"1569fec2bafea00e0201f9eaa2569ccf","sha1":"59d96914c523d8f7f10e41ff00778aa3f0f20b48","sha256":"d453959d2159aa02b05d1797260af6bb2d60cdbe66f473ad25fe5b10bf0155a4","sha512":"b2c222fbaa0ef78db198e4da99c44e463dd7b72641158496eb4bc8bac196d9005e04ee6d19db118cc4b430be465f2b3c95c71df64ec1030bb7d19d668c0e65e5","ssdeep":"3072:rbUQT3DD99gmQY12D417k93L+PjKRA1AV0EMg:rYQTzDnMYI49+L+P+RA60hg","tlshash":"6824f9dc73c5b46243a720b9406f230ab23a6869784dc458f575d4eabc78a4a523ff7c","size":209404,"data":"","first_seen":"2023-09-08T19:08:54Z","last_seen":"2023-09-08T19:08:54Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login-okta.inoffice.click/discovery/iframe.html","fqdn":"login-okta.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"6d6a5e37890c1c17bda9eec9bd07824f","sha1":"d729cbb4392948b33ad24e58369ed1472491811f","sha256":"6295e68fa50bff83e74ca3d745e82914e8da704b090553ec5253bb861159d06a","sha512":"fd388e7cd40e95b32e045fb5da964844d9ae846a86fef441a3a77ee5b75487ca38098394516068b9b3295286130ee6c35526e47de5f2f2c876247e8465a4ad28","ssdeep":"3072:N3DfiYkoMYXLT0jLkpWDuGdhX191boVFXuWCNxIT9P:NzfihoMG6XuGdhXElCNxIT9P","tlshash":"0ff3934077d0b84913a79b76b32fb4d6f46f08af3c58484bd111fda065a862aeef1931","size":164099,"data":"","first_seen":"2024-08-21T07:16:49.65003Z","last_seen":"2024-08-21T07:16:49.65003Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","fqdn":"6ceb104b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa816a024b3ae4f4330b115e6a1443ae","sha1":"5252a4cae64b9526409c975e7502baa93e36a31c","sha256":"e125da45a38226b2a31e65e6ac7ab67f562cd0e04649c5d6e11b072a9c50c840","sha512":"882ba9b912abcf6ab75280589e4422fc7d6578e15998a5918f5107d64e3cb4373545d86312a28e0ea82597cbc668f225289d044d4e64a023d2322fd7344c984a","ssdeep":"","tlshash":"dcb002a5e6960185342265d48a2e100132e048434a1add797f9ed3849f0c31d88ea7dc","size":93,"data":"","first_seen":"2023-03-07T22:31:44Z","last_seen":"2025-09-03T03:01:30.237541Z","times_seen":949,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login-okta.inoffice.click/discovery/iframe.html","fqdn":"login-okta.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"c70e750da4688ccec2c4661909fc7fc5","sha1":"7e614af005587124cc2be89fc56906f2ae7184be","sha256":"b107cf8bf7b4b266d5dc777969730b80bacfc9ad59ae375101c8c33034732b25","sha512":"9da236e6743f013a9a8c8c10ecaddab92c2d39a7a7141db879173863c9257980b6765749f9109813bd00ef72f24f5a95047c7f20e463391ac5de6dba89c80f9e","ssdeep":"","tlshash":"769002012081c59c25276040924e921402810564a80151926450019035150277e419d8","size":42,"data":"","first_seen":"2023-04-28T12:58:20Z","last_seen":"2024-08-21T09:16:31.767124Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","fqdn":"6ceb104b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"243cc219aad897e7596ad5d16a78d491","sha1":"bc94684a1cdd029d2298e8e0db1af2a59eaa09be","sha256":"d11dabbc5283487c1ab8cbf282deffe7c5f671115cce37daeb266b7f1a1628d2","sha512":"05952a0bcb2763d1e05ea8b79958f766ab63b3eec9205c59adbe828dc05c28bc6a204ac3beca07ede4bd03743bb2de97ee99f3f31e390202d7a9795365c08c59","ssdeep":"","tlshash":"62b09b1368d7961c0d7721605f99e1447c2b515641524246c551821025c1c4380d578d","size":124,"data":"","first_seen":"2024-08-21T07:16:49.652212Z","last_seen":"2024-08-21T07:16:49.652212Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ef0b005b-6272bb49.inoffice.click/assets/js/sdk/okta-signin-widget/7.9.1/js/okta-sign-in.min.js","fqdn":"ef0b005b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"56730d2d293ada722a3c156fd4cc1b30","sha1":"9e90dc4961b55a26a98706a766389ffb7ea5d9bf","sha256":"c98fb5789db3a04a1e4473bc230af432ecaeccd3b5f72eb1002007c92448af4b","sha512":"f65f00cadecc1062d5c3c1b889bff12e7e8062809b1aea2a005cb99ae9ce666cb3d05710a90a9883d5277a617711b640db9b3816108b2070ae0853d1747fbe52","ssdeep":"12288:29eRzoClPpL8lFp1ysE8nfKvraTK+m4ywMrmir8W6ThJQArwN5FZbByJbdEMIS2O:seQ1O8nfKvFwMrme8W6ThJQfjB09dt2O","tlshash":"6f85288db2d6f4a207e360f4406f110ab33a5d18948da540f7b0dad5bd69a4fa237f39","size":1736570,"data":"","first_seen":"2024-08-21T07:16:49.653445Z","last_seen":"2024-08-21T07:16:49.653445Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","fqdn":"6ceb104b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"74744351d7c2c804962dd168bf373d5a","sha1":"f9068295268c3c9990dc8724a6a5d1f29112b5b1","sha256":"1252b6f510f734b694e6104037f2b9bb36633a512bb5d96bc9bf8235165520f5","sha512":"ae260605d830e698b938a1ed690d5dc5caa910dbefe6d7060767551b10e9984e67bd7a8426f19141bbc6f94365a93cc019b547dd826e99f0d2e55292648b8e49","ssdeep":"","tlshash":"269000220832a003202e3880f3e23a202cca02e0080032200a0c02c03828003eace080","size":42,"data":"","first_seen":"2023-03-07T12:10:48Z","last_seen":"2026-04-09T00:36:36.311234Z","times_seen":2240,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","fqdn":"6ceb104b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"b048888472cccb7ee44c211baae0ac8e","sha1":"801fe17f678233b7e7b50adf1e753f78a3d7f6c7","sha256":"30b950447659088ef7a5d13770f05d5a7ec2d44e3ecebdaa3c2a3bbbe6e8ccab","sha512":"8c026fdb8c10b0c8e5b6b5fa607e12dc00618e868fcd21d469e70a0c0bae50b08a605c771787fd2431cb1e6d5bfa764456d2061e79df5d28e2568dbcb6f708dc","ssdeep":"","tlshash":"c5e0553b2ce2882048192a6f317eea281b3a32ac9082c4085e79cc010db0e621d62edc","size":421,"data":"","first_seen":"2024-08-21T07:16:49.657102Z","last_seen":"2024-08-21T07:16:49.657102Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","fqdn":"6ceb104b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"4d069b56077067e6c4ddbc1e6b03e039","sha1":"92f91309190b3b14f860727dfb00674167878df2","sha256":"c5cef53a5e42445f5da79940e1bf85a821b14d7d0700d0b46a99c0325f39991c","sha512":"1e1f2dea55e04248db3e9b413fb62a82f5657fec493d5093323f466d19994f8c7ff78412a7343d7990787fe93abf8bc810cb6fb87aa2542146e3b3666ff4b920","ssdeep":"192:WncvWjC5G+UbEoQuvD0d/Sb53NnHxIAEBi:WncOjjdNn4Q","tlshash":"6202a56f2c762031b9469576894ea05237259023184efe39797ce3543fcea0d35bf8e2","size":8935,"data":"","first_seen":"2024-08-21T07:16:49.658058Z","last_seen":"2024-08-21T07:16:49.658058Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"1636c46c8e2184bde6cce6b7cd9c42cf","sha1":"3bd6fde98e51c25df847b2776325d95d4cd11c5a","sha256":"b099390887625cdcaa514a668fe9b759d4b838df07b547ad8c7068e8e9412f5b","sha512":"31a1d350cfc40da981d9b47473e4591e733f1c81d4689aacfe8a4855a6b31063521e8c236c037bb0caa69051be8c269820f85914fecc85e6997fbfa8ac5305c9","ssdeep":"","tlshash":"f81123c379b4a470a7125a9c11fb7801b61a771153f40a15b3ecc76747c20794852df5","size":852,"data":"","first_seen":"2023-04-19T12:34:33Z","last_seen":"2025-11-04T23:36:03.767442Z","times_seen":2408,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login-okta.inoffice.click/lib/discoveryIframe-88dc7396afa19c320b05.min.js","fqdn":"login-okta.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"0fd7fff91ce98053f65f8956a6e5f951","sha1":"28bb8b5e27718f4c493153703eebc67e9ea773f3","sha256":"b5f33a88d99300cdd967cef48611706a43070b41d24fe254d40dd73d2b283667","sha512":"5f4589227c38501623b910ab573e80a69d21766978ba2d1c5fc00efa73595ef98c27598e96294c66879e1bc2510a4ed5cf4cf689f7809d1090b86a40c8c5a641","ssdeep":"1536:Ae0M1394nmxdOV0X9cbF6M/tWczH1fKCLSl5QOtUxDdjU:AM139ro04l12l5QnxDdjU","tlshash":"baa3518cfec6f09943a3b676812f940bb27b1a55745f84a0d16ad1e0bc7898f5037e2d","size":98315,"data":"","first_seen":"2024-08-21T07:16:49.65958Z","last_seen":"2024-08-21T07:16:49.65958Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"afa012c87a99f408423260f04c3b808de0352c20348c544069098c556c711098336d1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-09T02:38:41.891377Z","times_seen":209538,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"679004dd3d51d000433350f04c17d4d5f0340c3030541d00750dd4475c7111c4135c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-09T02:38:41.890856Z","times_seen":605222,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","fqdn":"6ceb104b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"2bdc6e57ccb0509a01e6fac78c9fd3fc","sha1":"4e0d03849f810effd08a140f335f26911e0a5490","sha256":"4e7e174d17cb36fa5d918c038fa877eed559d02d4eed1a97b7e9b30ba3bf3350","sha512":"1995f2e69d5e55b021fb102893b67fdc3e8d2b50de52ac03ba45d4b6fcf441fd2683dc1205e173aa3f65287371f4acda10f3ae3d739334ac5c10d5b901f37494","ssdeep":"","tlshash":"5de0df0e24d71429a023347cb29fa148312c1a634341ce913cbd0634cf201325db17c8","size":361,"data":"","first_seen":"2023-03-09T01:06:28Z","last_seen":"2025-12-28T02:44:11.453249Z","times_seen":750,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"belquisebarreto.com.br/.test509/xdfhccgcfhgjvhjgjufcjjgj/bWFyaXNzYS5nYXJjaWFAaW5zZ3JvdXAubmV0","fqdn":"belquisebarreto.com.br","domain":"belquisebarreto.com.br","tld":"com.br"},"ip":{"addr":"108.179.252.87","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-08T17:08:09.622235318Z","timestamp":1694192889622,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /.test509/xdfhccgcfhgjvhjgjufcjjgj/bWFyaXNzYS5nYXJjaWFAaW5zZ3JvdXAubmV0 HTTP/1.1\r\nHost: belquisebarreto.com.br\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\nrefresh: 0;url=https://microsoft.inoffice.click/?username=marissa.garcia@insgroup.net\r\ncontent-length: 0\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Fri, 08 Sep 2023 17:08:09 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T02:38:17.241927Z","times_seen":13523349,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]}},{"url":{"schema":"https","addr":"login-okta.inoffice.click/websocket/hook/?R10lzW=NjI3MmJiNDk0OTM4NDJlOTlmNmYzZDNiNmQ5NDgwOTE=","fqdn":"login-okta.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-08T17:08:20.246503902Z","timestamp":1694192900246,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /websocket/hook/?R10lzW=NjI3MmJiNDk0OTM4NDJlOTlmNmYzZDNiNmQ5NDgwOTE= HTTP/1.1\r\nHost: login-okta.inoffice.click\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://login-okta.inoffice.click\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: N/N1GkQH5EF1OnyoFKIWGg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: R10lzW=\"NjI3MmJiNDktNDkzOC00MmU5LTlmNmYtM2QzYjZkOTQ4MDkxOjE2Mjg1NzhmLTZmZWUtNDg5My05NjQwLWNkZGRkMTZlOTJmZQ==\"\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx\r\nDate: Fri, 08 Sep 2023 17:08:20 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: qZ01C+mqQPcsf/4y3S0H8RVjQpg=\r\nSec-WebSocket-Extensions: permessage-deflate\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T02:38:17.241927Z","times_seen":13523349,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoft.inoffice.click/?username=marissa.garcia@insgroup.net","fqdn":"microsoft.inoffice.click","domain":"insgroup.net","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-09-08T17:08:10.957Z","timestamp":1694192890957,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inoffice.click","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Sep 2023 13:03:37 GMT","end":"Thu, 07 Dec 2023 13:03:36 GMT"},"fingerprint":{"sha1":"E4:78:B0:FA:21:08:63:A3:10:D0:C5:9B:43:16:AC:8C:E1:6D:BD:4F","sha256":"2E:C3:96:51:DD:35:49:CE:5B:09:27:C0:A4:53:3F:E1:5D:F0:92:D1:24:54:90:FB:2C:AC:0E:DA:C0:47:F0:03"}}},"request":{"raw":"GET /?username=marissa.garcia@insgroup.net HTTP/1.1\r\nHost: microsoft.inoffice.click\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://microsoft.inoffice.click/?username=marissa.garcia@insgroup.net\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: R10lzW=\"NjI3MmJiNDktNDkzOC00MmU5LTlmNmYtM2QzYjZkOTQ4MDkxOjE2Mjg1NzhmLTZmZWUtNDg5My05NjQwLWNkZGRkMTZlOTJmZQ==\"\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Fri, 08 Sep 2023 17:08:13 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://6ceb104b-6272bb49.inoffice.click/app/office365/exk4vpkeejP7OM7i64x7/sso/wsfed/passive?login_hint=marissa.garcia%40insgroup.net\u0026client-request-id=dff956e9-b28f-47d8-84b5-0414f7e6369b\u0026username=marissa.garcia%40insgroup.net\u0026wa=wsignin1.0\u0026wtrealm=urn%3afederation%3aMicrosoftOnline\u0026wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0#\r\ncache-control: no-store, no-cache\r\npragma: no-cache\r\nvary: Accept-Encoding\r\np3p: CP=\"DSP CUR OTPi IND OTRi ONL FIN\"\r\nx-ms-request-id: 5feba39d-b780-41c7-82f6-97aad1960000\r\nx-ms-ests-server: 2.1.16209.3 - SEC ProdSlices\r\nreferrer-policy: strict-origin-when-cross-origin\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":17819,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T02:38:17.241927Z","times_seen":13523349,"resource_available":true,"data":null}},"time_used":2586,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2583,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]}},{"url":{"schema":"https","addr":"ef0b005b-6272bb49.inoffice.click/assets/loginpage/css/loginpage-theme.c1227d73b70be13e51aae80fe238b0ae.css","fqdn":"ef0b005b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","date":"2023-09-08T17:08:14.896Z","timestamp":1694192894896,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inoffice.click","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Sep 2023 13:03:37 GMT","end":"Thu, 07 Dec 2023 13:03:36 GMT"},"fingerprint":{"sha1":"E4:78:B0:FA:21:08:63:A3:10:D0:C5:9B:43:16:AC:8C:E1:6D:BD:4F","sha256":"2E:C3:96:51:DD:35:49:CE:5B:09:27:C0:A4:53:3F:E1:5D:F0:92:D1:24:54:90:FB:2C:AC:0E:DA:C0:47:F0:03"}}},"request":{"raw":"GET /assets/loginpage/css/loginpage-theme.c1227d73b70be13e51aae80fe238b0ae.css HTTP/1.1\r\nHost: ef0b005b-6272bb49.inoffice.click\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://6ceb104b-6272bb49.inoffice.click/\r\nCookie: R10lzW=\"NjI3MmJiNDktNDkzOC00MmU5LTlmNmYtM2QzYjZkOTQ4MDkxOjE2Mjg1NzhmLTZmZWUtNDg5My05NjQwLWNkZGRkMTZlOTJmZQ==\"\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 08 Sep 2023 17:08:15 GMT\r\ncontent-type: text/css\r\npublic-key-pins-report-only: pin-sha256=\"r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8=\"; pin-sha256=\"MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ=\"; pin-sha256=\"72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI=\"; pin-sha256=\"rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg=\"; max-age=60; report-uri=\"https://667496d6-6272bb49.inoffice.click/r/default/hpkp/reportOnly\"\r\nlast-modified: Tue, 07 Feb 2023 22:55:27 GMT\r\netag: W/\"c1227d73b70be13e51aae80fe238b0ae\"\r\nx-amz-meta-sha1sum: db76514c4942184db3baedf6ac119ff9538368fc\r\ncache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 91bfa1bdba15fba4281ea367ab656f54.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HAM50-C3\r\nx-amz-cf-id: SQrQeu9XpWUBmnbwjNp5TDu3T8bnerOnM2gEQ-XUYJ9T4iMU-BF3kg==\r\nage: 1013468\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3150,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3154), with no line terminators","md5":"dec897ad66aedbe4b416e34c72fcc95c","sha1":"252728c8679365dfb2ab4b2e85e0b0e6a67823ae","sha256":"25b2d104b35dd936ce7ceef97bae26bf1ba391db3369f1354a9e2cc5061c6bc2","sha512":"0cf4f4dcd135d02cf66d7c32e868ef4dd05e51cb6d5a9179c8417785acaf0ab6fa3413f492415d6f995c5c2cd2567182bf6417ab3e77fcaa4cbd8c4d98afdc0d","ssdeep":"","tlshash":"2f5152928211312d712b89a4e8b6f7d4b21c11a757775bfef8223634c69e0c53732ac7","first_seen":"2023-04-24T14:45:10Z","last_seen":"2024-08-21T09:16:31.751481Z","times_seen":113,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":34,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6ceb104b-6272bb49.inoffice.click/api/internal/brand/theme/style-sheet?touch-point=SIGN_IN_PAGE\u0026v=abc4780733b2999dc5536ea4bf18a7237d32beafe91e2f7611b8af3ecb8ae0d0dfb208992a3b1ecefd0c0f9333f4b59d","fqdn":"6ceb104b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","date":"2023-09-08T17:08:14.900Z","timestamp":1694192894900,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inoffice.click","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Sep 2023 13:03:37 GMT","end":"Thu, 07 Dec 2023 13:03:36 GMT"},"fingerprint":{"sha1":"E4:78:B0:FA:21:08:63:A3:10:D0:C5:9B:43:16:AC:8C:E1:6D:BD:4F","sha256":"2E:C3:96:51:DD:35:49:CE:5B:09:27:C0:A4:53:3F:E1:5D:F0:92:D1:24:54:90:FB:2C:AC:0E:DA:C0:47:F0:03"}}},"request":{"raw":"GET /api/internal/brand/theme/style-sheet?touch-point=SIGN_IN_PAGE\u0026v=abc4780733b2999dc5536ea4bf18a7237d32beafe91e2f7611b8af3ecb8ae0d0dfb208992a3b1ecefd0c0f9333f4b59d HTTP/1.1\r\nHost: 6ceb104b-6272bb49.inoffice.click\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0\r\nCookie: R10lzW=\"NjI3MmJiNDktNDkzOC00MmU5LTlmNmYtM2QzYjZkOTQ4MDkxOjE2Mjg1NzhmLTZmZWUtNDg5My05NjQwLWNkZGRkMTZlOTJmZQ==\"\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 08 Sep 2023 17:08:15 GMT\r\ncontent-type: text/css\r\npublic-key-pins-report-only: pin-sha256=\"r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8=\"; pin-sha256=\"MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ=\"; pin-sha256=\"72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI=\"; pin-sha256=\"rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg=\"; max-age=60; report-uri=\"https://667496d6-6272bb49.inoffice.click/r/default/hpkp/reportOnly\"\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-okta-request-id: ZPtU_zAZHQDFtLKaU9cxxgAAChU\r\np3p: CP=\"HONK\"\r\nx-rate-limit-limit: 2400\r\nx-rate-limit-remaining: 2398\r\nx-rate-limit-reset: 1694192925\r\ncache-control: max-age=31536000, must-revalidate\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":556,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (577), with no line terminators","md5":"603b59db6fb4ed13ade89279ce1f2912","sha1":"bfbc6a7e83cd743753d97d32865e7027b6ab7148","sha256":"e0da9e2000754adf5d3c360cf283350d6a2b75b5445c75a4d0561746f4605fca","sha512":"7ae3b92dc2093e192a72763ab59afccff88ab7ea143cf476f8ac0277ae0453bf643d28db845feec5d8c6a8ac70916f2c98ae4a8232da175b5d4c655a3b21ae27","ssdeep":"","tlshash":"c2f0a4fbe1c5156f32225e54d2576638fb2c6d8086142b3a7368b3f597899c2053c071","first_seen":"2023-04-24T14:45:10Z","last_seen":"2025-04-04T07:08:56.410586Z","times_seen":156,"resource_available":false,"data":null}},"time_used":668,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":668,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"login-okta.inoffice.click/websocket/hook/?R10lzW=NjI3MmJiNDk0OTM4NDJlOTlmNmYzZDNiNmQ5NDgwOTE=","fqdn":"login-okta.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://login-okta.inoffice.click/discovery/iframe.html","date":"2023-09-08T17:08:19.889Z","timestamp":1694192899889,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inoffice.click","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Sep 2023 13:03:37 GMT","end":"Thu, 07 Dec 2023 13:03:36 GMT"},"fingerprint":{"sha1":"E4:78:B0:FA:21:08:63:A3:10:D0:C5:9B:43:16:AC:8C:E1:6D:BD:4F","sha256":"2E:C3:96:51:DD:35:49:CE:5B:09:27:C0:A4:53:3F:E1:5D:F0:92:D1:24:54:90:FB:2C:AC:0E:DA:C0:47:F0:03"}}},"request":{"raw":"GET /websocket/hook/?R10lzW=NjI3MmJiNDk0OTM4NDJlOTlmNmYzZDNiNmQ5NDgwOTE= HTTP/1.1\r\nHost: login-okta.inoffice.click\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://login-okta.inoffice.click\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: N/N1GkQH5EF1OnyoFKIWGg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: R10lzW=\"NjI3MmJiNDktNDkzOC00MmU5LTlmNmYtM2QzYjZkOTQ4MDkxOjE2Mjg1NzhmLTZmZWUtNDg5My05NjQwLWNkZGRkMTZlOTJmZQ==\"\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx\r\nDate: Fri, 08 Sep 2023 17:08:20 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: qZ01C+mqQPcsf/4y3S0H8RVjQpg=\r\nSec-WebSocket-Extensions: permessage-deflate\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T02:38:17.241927Z","times_seen":13523349,"resource_available":true,"data":null}},"time_used":357,"timings":{"blocked":0,"dns":0,"connect":26,"send":0,"wait":296,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ef0b005b-6272bb49.inoffice.click/assets/js/sdk/okta-signin-widget/7.9.1/img/ui/forms/checkbox-sign-in-widget.png","fqdn":"ef0b005b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","date":"2023-09-08T17:08:18.956Z","timestamp":1694192898956,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inoffice.click","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Sep 2023 13:03:37 GMT","end":"Thu, 07 Dec 2023 13:03:36 GMT"},"fingerprint":{"sha1":"E4:78:B0:FA:21:08:63:A3:10:D0:C5:9B:43:16:AC:8C:E1:6D:BD:4F","sha256":"2E:C3:96:51:DD:35:49:CE:5B:09:27:C0:A4:53:3F:E1:5D:F0:92:D1:24:54:90:FB:2C:AC:0E:DA:C0:47:F0:03"}}},"request":{"raw":"GET /assets/js/sdk/okta-signin-widget/7.9.1/img/ui/forms/checkbox-sign-in-widget.png HTTP/1.1\r\nHost: ef0b005b-6272bb49.inoffice.click\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ef0b005b-6272bb49.inoffice.click/assets/js/sdk/okta-signin-widget/7.9.1/css/okta-sign-in.min.css\r\nCookie: R10lzW=\"NjI3MmJiNDktNDkzOC00MmU5LTlmNmYtM2QzYjZkOTQ4MDkxOjE2Mjg1NzhmLTZmZWUtNDg5My05NjQwLWNkZGRkMTZlOTJmZQ==\"\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 08 Sep 2023 17:08:19 GMT\r\ncontent-type: image/png\r\npublic-key-pins-report-only: pin-sha256=\"r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8=\"; pin-sha256=\"MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ=\"; pin-sha256=\"72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI=\"; pin-sha256=\"rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg=\"; max-age=60; report-uri=\"https://667496d6-6272bb49.inoffice.click/r/default/hpkp/reportOnly\"\r\nlast-modified: Wed, 30 Aug 2023 01:46:46 GMT\r\netag: \"7846b2f8c6d0a7ca69fdd3d3c294e92d\"\r\nx-amz-meta-sha1sum: e0bb021ffdf93c68fef44de2a3b08f378b6fb50a\r\ncache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 0a6bbd9174811c69f7dfb09b939e5b08.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HAM50-C3\r\nx-amz-cf-id: -QJLeqd2_QZzVzTYHTaMGTTMw49SKf3w-msYPltqBPzlFuG-JJHSUQ==\r\nage: 830729\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3141,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 1155, 8-bit/color RGBA, non-interlaced\\012- data","md5":"7846b2f8c6d0a7ca69fdd3d3c294e92d","sha1":"e0bb021ffdf93c68fef44de2a3b08f378b6fb50a","sha256":"40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665","sha512":"c08600b8b07d56bb502f9aed5ce2bab59b33105c1ccf595413bc7158368fa06c73bc2d22c7cc99d1efd10fd7c599cee92163dec3d2312bfd98dbf69457c59de7","ssdeep":"","tlshash":"b951f8f530f1b901b224a7a4ba10c65203e04fe647da0eb25a406f2df3a0c57d6d26ab","first_seen":"2023-05-09T00:44:14Z","last_seen":"2026-04-09T00:36:36.285727Z","times_seen":6531,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ef0b005b-6272bb49.inoffice.click/assets/js/sdk/okta-signin-widget/7.9.1/font/montserrat-okta-light-webfont.woff","fqdn":"ef0b005b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","date":"2023-09-08T17:08:18.958Z","timestamp":1694192898958,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inoffice.click","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Sep 2023 13:03:37 GMT","end":"Thu, 07 Dec 2023 13:03:36 GMT"},"fingerprint":{"sha1":"E4:78:B0:FA:21:08:63:A3:10:D0:C5:9B:43:16:AC:8C:E1:6D:BD:4F","sha256":"2E:C3:96:51:DD:35:49:CE:5B:09:27:C0:A4:53:3F:E1:5D:F0:92:D1:24:54:90:FB:2C:AC:0E:DA:C0:47:F0:03"}}},"request":{"raw":"GET /assets/js/sdk/okta-signin-widget/7.9.1/font/montserrat-okta-light-webfont.woff HTTP/1.1\r\nHost: ef0b005b-6272bb49.inoffice.click\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://6ceb104b-6272bb49.inoffice.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ef0b005b-6272bb49.inoffice.click/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 08 Sep 2023 17:08:19 GMT\r\ncontent-type: application/font-woff\r\npublic-key-pins-report-only: pin-sha256=\"r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8=\"; pin-sha256=\"MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ=\"; pin-sha256=\"72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI=\"; pin-sha256=\"rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg=\"; max-age=60; report-uri=\"https://667496d6-6272bb49.inoffice.click/r/default/hpkp/reportOnly\"\r\nlast-modified: Wed, 30 Aug 2023 01:46:45 GMT\r\netag: \"6225f3ca44b83090833064727a09cc95\"\r\nx-amz-meta-sha1sum: 3449db1ccdfe0aeaf89101cc28ecafaecae9fc89\r\ncache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 0a6bbd9174811c69f7dfb09b939e5b08.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HAM50-C3\r\nx-amz-cf-id: tAFU-OWr4fkvNfLyOteFP2IgfVYJKm29_HjE38C3RhKEUidWOk5-Lg==\r\nage: 829880\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22112,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 22112, version 0.0\\012- data","md5":"6225f3ca44b83090833064727a09cc95","sha1":"3449db1ccdfe0aeaf89101cc28ecafaecae9fc89","sha256":"feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace","sha512":"fb65614a44f2a42020e742a7826b2780bfb38a0fbe17465ebdbd3a5b49cdf06bde6ab07562e5530f628236efa1a089303360a55723eb0dd5165056885252e592","ssdeep":"384:AVywQni+W8mgRGbXYbm6OTkTuHJe9iVj1SbShOp6nK1swN8E0jNJtxdCsXm:AVywYFmZIbpukTupe4VjU2Op6nK1swq2","tlshash":"b3a2e1239f069229e6c2f230b686beb06ebebc0341d9754524d73b1355eb464c7ac5d1","first_seen":"2023-04-19T12:34:33Z","last_seen":"2026-04-08T20:24:57.146056Z","times_seen":1304,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoft.inoffice.click/?username=marissa.garcia@insgroup.net","fqdn":"microsoft.inoffice.click","domain":"insgroup.net","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-09-08T17:08:09.949Z","timestamp":1694192889949,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inoffice.click","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Sep 2023 13:03:37 GMT","end":"Thu, 07 Dec 2023 13:03:36 GMT"},"fingerprint":{"sha1":"E4:78:B0:FA:21:08:63:A3:10:D0:C5:9B:43:16:AC:8C:E1:6D:BD:4F","sha256":"2E:C3:96:51:DD:35:49:CE:5B:09:27:C0:A4:53:3F:E1:5D:F0:92:D1:24:54:90:FB:2C:AC:0E:DA:C0:47:F0:03"}}},"request":{"raw":"GET /?username=marissa.garcia@insgroup.net HTTP/1.1\r\nHost: microsoft.inoffice.click\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 08 Sep 2023 17:08:10 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":267454,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T02:38:17.241927Z","times_seen":13523349,"resource_available":true,"data":null}},"time_used":382,"timings":{"blocked":86,"dns":1,"connect":27,"send":0,"wait":207,"receive":0,"ssl":58},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]}},{"url":{"schema":"https","addr":"microsoft.inoffice.click/?username=marissa.garcia@insgroup.net","fqdn":"microsoft.inoffice.click","domain":"insgroup.net","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-09-08T17:08:10.870Z","timestamp":1694192890870,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inoffice.click","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Sep 2023 13:03:37 GMT","end":"Thu, 07 Dec 2023 13:03:36 GMT"},"fingerprint":{"sha1":"E4:78:B0:FA:21:08:63:A3:10:D0:C5:9B:43:16:AC:8C:E1:6D:BD:4F","sha256":"2E:C3:96:51:DD:35:49:CE:5B:09:27:C0:A4:53:3F:E1:5D:F0:92:D1:24:54:90:FB:2C:AC:0E:DA:C0:47:F0:03"}}},"request":{"raw":"POST /?username=marissa.garcia@insgroup.net HTTP/1.1\r\nHost: microsoft.inoffice.click\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 1001\r\nOrigin: https://microsoft.inoffice.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://microsoft.inoffice.click/?username=marissa.garcia@insgroup.net\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Fri, 08 Sep 2023 17:08:10 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://microsoft.inoffice.click/?username=marissa.garcia@insgroup.net\r\nset-cookie: R10lzW=\"NjI3MmJiNDktNDkzOC00MmU5LTlmNmYtM2QzYjZkOTQ4MDkxOjE2Mjg1NzhmLTZmZWUtNDg5My05NjQwLWNkZGRkMTZlOTJmZQ==\"; Domain=inoffice.click; HttpOnly; Path=/; SameSite=None; Secure\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":17819,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T02:38:17.241927Z","times_seen":13523349,"resource_available":true,"data":null}},"time_used":80,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":80,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]}},{"url":{"schema":"https","addr":"ef0b005b-6272bb49.inoffice.click/assets/js/mvc/loginpage/initLoginPage.pack.d05a8c2e6bdf6d212b92af4d6b9cfefe.js","fqdn":"ef0b005b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","date":"2023-09-08T17:08:18.396Z","timestamp":1694192898396,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inoffice.click","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Sep 2023 13:03:37 GMT","end":"Thu, 07 Dec 2023 13:03:36 GMT"},"fingerprint":{"sha1":"E4:78:B0:FA:21:08:63:A3:10:D0:C5:9B:43:16:AC:8C:E1:6D:BD:4F","sha256":"2E:C3:96:51:DD:35:49:CE:5B:09:27:C0:A4:53:3F:E1:5D:F0:92:D1:24:54:90:FB:2C:AC:0E:DA:C0:47:F0:03"}}},"request":{"raw":"GET /assets/js/mvc/loginpage/initLoginPage.pack.d05a8c2e6bdf6d212b92af4d6b9cfefe.js HTTP/1.1\r\nHost: ef0b005b-6272bb49.inoffice.click\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://6ceb104b-6272bb49.inoffice.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://6ceb104b-6272bb49.inoffice.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 08 Sep 2023 17:08:18 GMT\r\ncontent-type: application/javascript\r\npublic-key-pins-report-only: pin-sha256=\"r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8=\"; pin-sha256=\"MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ=\"; pin-sha256=\"72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI=\"; pin-sha256=\"rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg=\"; max-age=60; report-uri=\"https://667496d6-6272bb49.inoffice.click/r/default/hpkp/reportOnly\"\r\nlast-modified: Tue, 11 Jul 2023 21:19:05 GMT\r\nx-amz-meta-sha1sum: 34f075e4d0f6b20eb712a2053d423869bb60771b\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400\r\netag: W/\"d05a8c2e6bdf6d212b92af4d6b9cfefe\"\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 dea2813e25126efeee924db05c094a40.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HAM50-C3\r\nx-amz-cf-id: 9GxHEfEn1O5IKXfsVdFEqy8Li5s4jgttU-JcPs8dtzKoJPa_A08Vxw==\r\nage: 1807587\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":209404,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65460)","md5":"1569fec2bafea00e0201f9eaa2569ccf","sha1":"59d96914c523d8f7f10e41ff00778aa3f0f20b48","sha256":"d453959d2159aa02b05d1797260af6bb2d60cdbe66f473ad25fe5b10bf0155a4","sha512":"b2c222fbaa0ef78db198e4da99c44e463dd7b72641158496eb4bc8bac196d9005e04ee6d19db118cc4b430be465f2b3c95c71df64ec1030bb7d19d668c0e65e5","ssdeep":"3072:rbUQT3DD99gmQY12D417k93L+PjKRA1AV0EMg:rYQTzDnMYI49+L+P+RA60hg","tlshash":"6824f9dc73c5b46243a720b9406f230ab23a6869784dc458f575d4eabc78a4a523ff7c","first_seen":"2023-09-08T19:08:54Z","last_seen":"2023-09-08T19:08:54Z","times_seen":1,"resource_available":true,"data":null}},"time_used":359,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":359,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login-okta.inoffice.click/discovery/iframe.html","fqdn":"login-okta.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","date":"2023-09-08T17:08:18.848Z","timestamp":1694192898848,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inoffice.click","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Sep 2023 13:03:37 GMT","end":"Thu, 07 Dec 2023 13:03:36 GMT"},"fingerprint":{"sha1":"E4:78:B0:FA:21:08:63:A3:10:D0:C5:9B:43:16:AC:8C:E1:6D:BD:4F","sha256":"2E:C3:96:51:DD:35:49:CE:5B:09:27:C0:A4:53:3F:E1:5D:F0:92:D1:24:54:90:FB:2C:AC:0E:DA:C0:47:F0:03"}}},"request":{"raw":"GET /discovery/iframe.html HTTP/1.1\r\nHost: login-okta.inoffice.click\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://6ceb104b-6272bb49.inoffice.click/\r\nCookie: R10lzW=\"NjI3MmJiNDktNDkzOC00MmU5LTlmNmYtM2QzYjZkOTQ4MDkxOjE2Mjg1NzhmLTZmZWUtNDg5My05NjQwLWNkZGRkMTZlOTJmZQ==\"\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 08 Sep 2023 17:08:19 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 01 Jun 2023 17:31:02 GMT\r\netag: W/\"f8b177440411e7269b647ae1012388bb\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 c3ea695df6623739937b8dda8c1599f8.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HAM50-C2\r\nx-amz-cf-id: LmkhoBZjT0-9egyUWLB3CqdwfmD0IiW91bUZ3bX_pKOfrqznotFepA==\r\nage: 30099\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":164660,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (65080)","md5":"1f46e33852e9c650428fd40118d02f95","sha1":"3629ee3af23978664ae3809c6ae72fc802b3fbb5","sha256":"beba7c179987c5b4ecbb91a9645223c103103cbcf9e4c0aefb62442a64f5cf17","sha512":"2228b89f7fbe4a2e9f24133f49757e07075801a57c2f6f41d8fdeb81f3fa050dc4c642a674e0a35e25f00ab7eb467efd2649d9ce455a3c3f57466330eea29926","ssdeep":"3072:Q3DfiYkoMYXLT0jLkpWDuGdhX191boVFXuWCNxIT95:QzfihoMG6XuGdhXElCNxIT95","tlshash":"d4f3934077d0b84913a79b76b32fb4d6f46f08af3c58484bd111fd9069a862aeef1931","first_seen":"2023-09-08T19:08:54Z","last_seen":"2023-09-08T19:08:54Z","times_seen":1,"resource_available":false,"data":null}},"time_used":318,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":318,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6ceb104b-6272bb49.inoffice.click/favicon.ico","fqdn":"6ceb104b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","date":"2023-09-08T17:08:18.513Z","timestamp":1694192898513,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inoffice.click","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Sep 2023 13:03:37 GMT","end":"Thu, 07 Dec 2023 13:03:36 GMT"},"fingerprint":{"sha1":"E4:78:B0:FA:21:08:63:A3:10:D0:C5:9B:43:16:AC:8C:E1:6D:BD:4F","sha256":"2E:C3:96:51:DD:35:49:CE:5B:09:27:C0:A4:53:3F:E1:5D:F0:92:D1:24:54:90:FB:2C:AC:0E:DA:C0:47:F0:03"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 6ceb104b-6272bb49.inoffice.click\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0\r\nCookie: R10lzW=\"NjI3MmJiNDktNDkzOC00MmU5LTlmNmYtM2QzYjZkOTQ4MDkxOjE2Mjg1NzhmLTZmZWUtNDg5My05NjQwLWNkZGRkMTZlOTJmZQ==\"\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 08 Sep 2023 17:08:19 GMT\r\ncontent-type: image/x-icon\r\npublic-key-pins-report-only: pin-sha256=\"r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8=\"; pin-sha256=\"MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ=\"; pin-sha256=\"72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI=\"; pin-sha256=\"rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg=\"; max-age=60; report-uri=\"https://667496d6-6272bb49.inoffice.click/r/default/hpkp/reportOnly\"\r\naccept-ranges: bytes\r\netag: W/\"5430-1693451450000\"\r\nlast-modified: Thu, 31 Aug 2023 03:10:50 GMT\r\nx-robots-tag: noindex,nofollow\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2573,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 24x24 with PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced, 32 bits/pixel\\012- data","md5":"156c2b030d103f44ae39ca515ad72512","sha1":"c9b39fe343ecbad1d57352aebc27c18db2faec0c","sha256":"7907d74ef071d4568c5e51d55adefefb76194f2e656320573d6b968941e3b6fd","sha512":"df68961969c03f8a424f2ceab75db2efa990882cf6941768fa3609bab7915897e071c58ab26d1414437093d60125d39bfc0afe0c6b14e8466f045f4c4ba9ac7d","ssdeep":"","tlshash":"","first_seen":"2023-06-05T17:49:04Z","last_seen":"2024-08-21T09:16:31.746815Z","times_seen":45,"resource_available":false,"data":null}},"time_used":568,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":568,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ef0b005b-6272bb49.inoffice.click/fs/bco/1/fs02fc7vg86O6hY2i4x7","fqdn":"ef0b005b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","date":"2023-09-08T17:08:18.904Z","timestamp":1694192898904,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inoffice.click","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Sep 2023 13:03:37 GMT","end":"Thu, 07 Dec 2023 13:03:36 GMT"},"fingerprint":{"sha1":"E4:78:B0:FA:21:08:63:A3:10:D0:C5:9B:43:16:AC:8C:E1:6D:BD:4F","sha256":"2E:C3:96:51:DD:35:49:CE:5B:09:27:C0:A4:53:3F:E1:5D:F0:92:D1:24:54:90:FB:2C:AC:0E:DA:C0:47:F0:03"}}},"request":{"raw":"GET /fs/bco/1/fs02fc7vg86O6hY2i4x7 HTTP/1.1\r\nHost: ef0b005b-6272bb49.inoffice.click\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://6ceb104b-6272bb49.inoffice.click/\r\nCookie: R10lzW=\"NjI3MmJiNDktNDkzOC00MmU5LTlmNmYtM2QzYjZkOTQ4MDkxOjE2Mjg1NzhmLTZmZWUtNDg5My05NjQwLWNkZGRkMTZlOTJmZQ==\"\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 08 Sep 2023 17:08:19 GMT\r\ncontent-type: image/png\r\npublic-key-pins-report-only: pin-sha256=\"r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8=\"; pin-sha256=\"MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ=\"; pin-sha256=\"72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI=\"; pin-sha256=\"rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg=\"; max-age=60; report-uri=\"https://667496d6-6272bb49.inoffice.click/r/default/hpkp/reportOnly\"\r\nlast-modified: Tue, 02 Mar 2021 21:48:00 GMT\r\netag: \"e380946a755bc8072c277df1b0b27cdf\"\r\ncache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 85e4c30db6ed9459bdead04635e1ab68.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HAM50-C3\r\nx-amz-cf-id: crk_eh4nJtRXXPpvlISVtCtyM9MKg9PggQ4IUjAWecPsZLBvzWISsw==\r\nage: 184687\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14130,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 178 x 50, 8-bit/color RGBA, non-interlaced\\012- data","md5":"e380946a755bc8072c277df1b0b27cdf","sha1":"a6d1ca3e7cedd48accf1e8542301e70466133d09","sha256":"aae0022cfd40b124b4df63b935228205f5461616fe8ad265c32116642224c0d8","sha512":"8e5e727e0d574ac628c34ecff15de5e7e25747f34f158efa15849318230b9463d52efce195c75d58657151624e9d04bf03229c30181bcb3574bc014d88fd9669","ssdeep":"","tlshash":"","first_seen":"2023-08-07T20:04:11Z","last_seen":"2023-09-08T19:08:54Z","times_seen":4,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":265,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ef0b005b-6272bb49.inoffice.click/assets/js/sdk/okta-signin-widget/7.9.1/font/montserrat-okta-regular-webfont.woff","fqdn":"ef0b005b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","date":"2023-09-08T17:08:18.991Z","timestamp":1694192898991,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inoffice.click","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Sep 2023 13:03:37 GMT","end":"Thu, 07 Dec 2023 13:03:36 GMT"},"fingerprint":{"sha1":"E4:78:B0:FA:21:08:63:A3:10:D0:C5:9B:43:16:AC:8C:E1:6D:BD:4F","sha256":"2E:C3:96:51:DD:35:49:CE:5B:09:27:C0:A4:53:3F:E1:5D:F0:92:D1:24:54:90:FB:2C:AC:0E:DA:C0:47:F0:03"}}},"request":{"raw":"GET /assets/js/sdk/okta-signin-widget/7.9.1/font/montserrat-okta-regular-webfont.woff HTTP/1.1\r\nHost: ef0b005b-6272bb49.inoffice.click\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://6ceb104b-6272bb49.inoffice.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ef0b005b-6272bb49.inoffice.click/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 08 Sep 2023 17:08:19 GMT\r\ncontent-type: application/font-woff\r\npublic-key-pins-report-only: pin-sha256=\"r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8=\"; pin-sha256=\"MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ=\"; pin-sha256=\"72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI=\"; pin-sha256=\"rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg=\"; max-age=60; report-uri=\"https://667496d6-6272bb49.inoffice.click/r/default/hpkp/reportOnly\"\r\nlast-modified: Wed, 30 Aug 2023 01:46:46 GMT\r\netag: \"8f2822b73b5f9c106c6f2e0db820bcbb\"\r\nx-amz-meta-sha1sum: b838e30072520735c49eda52cb2d3a0f4b30f0f2\r\ncache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 7038a0e71a25504eb98df48695c04c7a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HAM50-C3\r\nx-amz-cf-id: -dwpQPJpgIwtwIl10gfEUfD18ly7YwYaXuPsQ7J0j3XQu0JYPrjj9w==\r\nage: 829880\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21980,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 21980, version 0.0\\012- data","md5":"8f2822b73b5f9c106c6f2e0db820bcbb","sha1":"b838e30072520735c49eda52cb2d3a0f4b30f0f2","sha256":"1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3","sha512":"e6e15a17dcfa88d2d1e8328003abc6962893c0eb1a8919a45fe4c50aa106abbf101c4a678142011316b62157f8d14c9f042044c656daf6ffe6008f02a015cecc","ssdeep":"384:JPQnrTWiXmCBZoEiAMvu+SOJMNtf435E3iWhxmld3CVpDxlS7xkftxZ5PWQVMg9C:JPOpXvBZ3moIVEQCVPlS7qZ5PWyMgk","tlshash":"20a2d063cd9ad2c8d5d3bc266be6d026533c63652bf22f91f5c3dab046a44bb4451313","first_seen":"2023-04-24T14:45:10Z","last_seen":"2026-04-08T17:51:20.824788Z","times_seen":717,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":301,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6ceb104b-6272bb49.inoffice.click/app/office365/exk4vpkeejP7OM7i64x7/sso/wsfed/passive?login_hint=marissa.garcia%40insgroup.net\u0026client-request-id=dff956e9-b28f-47d8-84b5-0414f7e6369b\u0026username=marissa.garcia%40insgroup.net\u0026wa=wsignin1.0\u0026wtrealm=urn%3afederation%3aMicrosoftOnline\u0026wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","fqdn":"6ceb104b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-09-08T17:08:13.545Z","timestamp":1694192893545,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inoffice.click","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Sep 2023 13:03:37 GMT","end":"Thu, 07 Dec 2023 13:03:36 GMT"},"fingerprint":{"sha1":"E4:78:B0:FA:21:08:63:A3:10:D0:C5:9B:43:16:AC:8C:E1:6D:BD:4F","sha256":"2E:C3:96:51:DD:35:49:CE:5B:09:27:C0:A4:53:3F:E1:5D:F0:92:D1:24:54:90:FB:2C:AC:0E:DA:C0:47:F0:03"}}},"request":{"raw":"GET /app/office365/exk4vpkeejP7OM7i64x7/sso/wsfed/passive?login_hint=marissa.garcia%40insgroup.net\u0026client-request-id=dff956e9-b28f-47d8-84b5-0414f7e6369b\u0026username=marissa.garcia%40insgroup.net\u0026wa=wsignin1.0\u0026wtrealm=urn%3afederation%3aMicrosoftOnline\u0026wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0 HTTP/1.1\r\nHost: 6ceb104b-6272bb49.inoffice.click\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://microsoft.inoffice.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: R10lzW=\"NjI3MmJiNDktNDkzOC00MmU5LTlmNmYtM2QzYjZkOTQ4MDkxOjE2Mjg1NzhmLTZmZWUtNDg5My05NjQwLWNkZGRkMTZlOTJmZQ==\"\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Fri, 08 Sep 2023 17:08:14 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0\r\npublic-key-pins-report-only: pin-sha256=\"r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8=\"; pin-sha256=\"MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ=\"; pin-sha256=\"72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI=\"; pin-sha256=\"rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg=\"; max-age=60; report-uri=\"https://667496d6-6272bb49.inoffice.click/r/default/hpkp/reportOnly\"\r\nx-okta-request-id: ZPtU_njikUZnwzXyb0c3nwAAARU\r\np3p: CP=\"HONK\"\r\ncontent-language: en\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":17819,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T02:38:17.241927Z","times_seen":13523349,"resource_available":true,"data":null}},"time_used":667,"timings":{"blocked":17,"dns":0,"connect":0,"send":0,"wait":650,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ef0b005b-6272bb49.inoffice.click/assets/js/sdk/okta-signin-widget/7.9.1/js/okta-sign-in.min.js","fqdn":"ef0b005b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","date":"2023-09-08T17:08:14.892Z","timestamp":1694192894892,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inoffice.click","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Sep 2023 13:03:37 GMT","end":"Thu, 07 Dec 2023 13:03:36 GMT"},"fingerprint":{"sha1":"E4:78:B0:FA:21:08:63:A3:10:D0:C5:9B:43:16:AC:8C:E1:6D:BD:4F","sha256":"2E:C3:96:51:DD:35:49:CE:5B:09:27:C0:A4:53:3F:E1:5D:F0:92:D1:24:54:90:FB:2C:AC:0E:DA:C0:47:F0:03"}}},"request":{"raw":"GET /assets/js/sdk/okta-signin-widget/7.9.1/js/okta-sign-in.min.js HTTP/1.1\r\nHost: ef0b005b-6272bb49.inoffice.click\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://6ceb104b-6272bb49.inoffice.click/\r\nCookie: R10lzW=\"NjI3MmJiNDktNDkzOC00MmU5LTlmNmYtM2QzYjZkOTQ4MDkxOjE2Mjg1NzhmLTZmZWUtNDg5My05NjQwLWNkZGRkMTZlOTJmZQ==\"\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 08 Sep 2023 17:08:17 GMT\r\ncontent-type: application/javascript\r\npublic-key-pins-report-only: pin-sha256=\"r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8=\"; pin-sha256=\"MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ=\"; pin-sha256=\"72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI=\"; pin-sha256=\"rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg=\"; max-age=60; report-uri=\"https://667496d6-6272bb49.inoffice.click/r/default/hpkp/reportOnly\"\r\nlast-modified: Wed, 30 Aug 2023 01:47:42 GMT\r\netag: W/\"2886ed018e3f5882013a05e53d0fcf63\"\r\nx-amz-meta-sha1sum: 177593f1d7587ba81e38de5e73a79cb25ff653ee\r\ncache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2a29e84e317dcbf526e3d2cf9be30bf6.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HAM50-C3\r\nx-amz-cf-id: OawyCSoalbm_7-Ka5yic7zH7bNpBHpw1MZ8o7a_-prWXuzIUbZciZQ==\r\nage: 830726\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1736570,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T02:38:17.241927Z","times_seen":13523349,"resource_available":true,"data":null}},"time_used":3035,"timings":{"blocked":38,"dns":0,"connect":0,"send":0,"wait":2997,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ef0b005b-6272bb49.inoffice.click/assets/js/sdk/okta-signin-widget/7.9.1/img/security/default.png","fqdn":"ef0b005b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","date":"2023-09-08T17:08:18.934Z","timestamp":1694192898934,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inoffice.click","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Sep 2023 13:03:37 GMT","end":"Thu, 07 Dec 2023 13:03:36 GMT"},"fingerprint":{"sha1":"E4:78:B0:FA:21:08:63:A3:10:D0:C5:9B:43:16:AC:8C:E1:6D:BD:4F","sha256":"2E:C3:96:51:DD:35:49:CE:5B:09:27:C0:A4:53:3F:E1:5D:F0:92:D1:24:54:90:FB:2C:AC:0E:DA:C0:47:F0:03"}}},"request":{"raw":"GET /assets/js/sdk/okta-signin-widget/7.9.1/img/security/default.png HTTP/1.1\r\nHost: ef0b005b-6272bb49.inoffice.click\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ef0b005b-6272bb49.inoffice.click/assets/js/sdk/okta-signin-widget/7.9.1/css/okta-sign-in.min.css\r\nCookie: R10lzW=\"NjI3MmJiNDktNDkzOC00MmU5LTlmNmYtM2QzYjZkOTQ4MDkxOjE2Mjg1NzhmLTZmZWUtNDg5My05NjQwLWNkZGRkMTZlOTJmZQ==\"\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 08 Sep 2023 17:08:19 GMT\r\ncontent-type: image/png\r\npublic-key-pins-report-only: pin-sha256=\"r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8=\"; pin-sha256=\"MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ=\"; pin-sha256=\"72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI=\"; pin-sha256=\"rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg=\"; max-age=60; report-uri=\"https://667496d6-6272bb49.inoffice.click/r/default/hpkp/reportOnly\"\r\nlast-modified: Wed, 30 Aug 2023 01:46:54 GMT\r\netag: \"04eeeba5b3538c4524d8e6828ba2c405\"\r\nx-amz-meta-sha1sum: 8db73b75bc7547a90aebd1377852ea3bf7cbc5ea\r\ncache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 dea2813e25126efeee924db05c094a40.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HAM50-C3\r\nx-amz-cf-id: vNkC8SZKWGGcUOLFi-OX46_6ilP_1mrZM9X5i3I1Sjsf7-gPfVIcBQ==\r\nage: 829972\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1800,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced\\012- data","md5":"04eeeba5b3538c4524d8e6828ba2c405","sha1":"8db73b75bc7547a90aebd1377852ea3bf7cbc5ea","sha256":"da75c3f3ce27c081541dfb59edd7e756fefe054a9e0e976356c4b0d3778bb434","sha512":"c5e00c512c3533da77fd403a45b91a9a791a42e487a3466742440a67157e623c45961e414f40c5e1e35aa811ba54b37c4a5106ea73bdc311eb03415a8b117b44","ssdeep":"","tlshash":"1831c98cb95094636245880529fe041b68134dd2e9f0f09d3d4f981314b61fe889f8e7","first_seen":"2023-05-17T19:50:24Z","last_seen":"2026-04-08T00:33:26.757692Z","times_seen":4433,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login-okta.inoffice.click/lib/discoveryIframe-88dc7396afa19c320b05.min.js","fqdn":"login-okta.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login-okta.inoffice.click/discovery/iframe.html","date":"2023-09-08T17:08:19.197Z","timestamp":1694192899197,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inoffice.click","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Sep 2023 13:03:37 GMT","end":"Thu, 07 Dec 2023 13:03:36 GMT"},"fingerprint":{"sha1":"E4:78:B0:FA:21:08:63:A3:10:D0:C5:9B:43:16:AC:8C:E1:6D:BD:4F","sha256":"2E:C3:96:51:DD:35:49:CE:5B:09:27:C0:A4:53:3F:E1:5D:F0:92:D1:24:54:90:FB:2C:AC:0E:DA:C0:47:F0:03"}}},"request":{"raw":"GET /lib/discoveryIframe-88dc7396afa19c320b05.min.js HTTP/1.1\r\nHost: login-okta.inoffice.click\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://login-okta.inoffice.click/discovery/iframe.html\r\nCookie: R10lzW=\"NjI3MmJiNDktNDkzOC00MmU5LTlmNmYtM2QzYjZkOTQ4MDkxOjE2Mjg1NzhmLTZmZWUtNDg5My05NjQwLWNkZGRkMTZlOTJmZQ==\"\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 08 Sep 2023 17:08:19 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 01 Jun 2023 17:31:03 GMT\r\netag: W/\"19953e3854535d02dccdbf809bacf44a\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f2bfcb0e5eaa96cb4b9aaa38ccd55546.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HAM50-C2\r\nx-amz-cf-id: qoemkv4lflHr9LOuJ8rl-nnFLWd-X25fXTZA4gmOVOUTTmQaZQJovw==\r\nage: 41785\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":98315,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T02:38:17.241927Z","times_seen":13523349,"resource_available":true,"data":null}},"time_used":581,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":581,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","fqdn":"6ceb104b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-09-08T17:08:14.217Z","timestamp":1694192894217,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inoffice.click","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Sep 2023 13:03:37 GMT","end":"Thu, 07 Dec 2023 13:03:36 GMT"},"fingerprint":{"sha1":"E4:78:B0:FA:21:08:63:A3:10:D0:C5:9B:43:16:AC:8C:E1:6D:BD:4F","sha256":"2E:C3:96:51:DD:35:49:CE:5B:09:27:C0:A4:53:3F:E1:5D:F0:92:D1:24:54:90:FB:2C:AC:0E:DA:C0:47:F0:03"}}},"request":{"raw":"GET /login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0 HTTP/1.1\r\nHost: 6ceb104b-6272bb49.inoffice.click\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://microsoft.inoffice.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: R10lzW=\"NjI3MmJiNDktNDkzOC00MmU5LTlmNmYtM2QzYjZkOTQ4MDkxOjE2Mjg1NzhmLTZmZWUtNDg5My05NjQwLWNkZGRkMTZlOTJmZQ==\"\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 08 Sep 2023 17:08:14 GMT\r\ncontent-type: text/html;charset=utf-8\r\npublic-key-pins-report-only: pin-sha256=\"r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8=\"; pin-sha256=\"MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ=\"; pin-sha256=\"72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI=\"; pin-sha256=\"rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg=\"; max-age=60; report-uri=\"https://667496d6-6272bb49.inoffice.click/r/default/hpkp/reportOnly\"\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-okta-request-id: ZPtU_m3YLN-LdLDp25ZiBAAABBg\r\np3p: CP=\"HONK\"\r\nreport-to: {\"group\":\"csp\",\"max_age\":31536000,\"endpoints\":[{\"url\":\"https://42079903-6272bb49.inoffice.click/a/t/g\"}],\"include_subdomains\":true}\r\nx-rate-limit-limit: 1200\r\nx-rate-limit-remaining: 699\r\nx-rate-limit-reset: 1694192898\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\nx-ua-compatible: IE=edge\r\ncontent-language: en\r\nx-robots-tag: noindex,nofollow\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17819,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document text\\012- exported SGML document, ASCII text, with very long lines (957)","md5":"4e1f382a1815ddb6515eaa7c8303b0dd","sha1":"035ffb7cd8d96461cdc09ea832c1475aa2ffaedf","sha256":"eef6a82478c355cc873a4bf9c26665bb380dfd99b6e27ffb5ce5eeb24d9c4b45","sha512":"47cd6d706930ff14bd8eae1e47d2b0eb55656e0ab9fc2e1865800a8be953e133164b59056ca3dbc364d6f0aa888f3b37f4b9f3bf7cb9db23cbbf9a98312e6cbf","ssdeep":"384:CYwWDYy5xYmaY5J4uTN83X7KhwXioyyF+YIncOjjdNn4CY+:CFOtsN/HOhwxt+IOluCD","tlshash":"14821a2f1cb76431780381a4957da6023a615023884aff2479fcd2647f8df897cb7ad9","first_seen":"2023-09-08T19:08:54Z","last_seen":"2023-09-08T19:08:54Z","times_seen":1,"resource_available":false,"data":null}},"time_used":617,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":617,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ef0b005b-6272bb49.inoffice.click/assets/js/sdk/okta-signin-widget/7.9.1/css/okta-sign-in.min.css","fqdn":"ef0b005b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","date":"2023-09-08T17:08:14.894Z","timestamp":1694192894894,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inoffice.click","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Sep 2023 13:03:37 GMT","end":"Thu, 07 Dec 2023 13:03:36 GMT"},"fingerprint":{"sha1":"E4:78:B0:FA:21:08:63:A3:10:D0:C5:9B:43:16:AC:8C:E1:6D:BD:4F","sha256":"2E:C3:96:51:DD:35:49:CE:5B:09:27:C0:A4:53:3F:E1:5D:F0:92:D1:24:54:90:FB:2C:AC:0E:DA:C0:47:F0:03"}}},"request":{"raw":"GET /assets/js/sdk/okta-signin-widget/7.9.1/css/okta-sign-in.min.css HTTP/1.1\r\nHost: ef0b005b-6272bb49.inoffice.click\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://6ceb104b-6272bb49.inoffice.click/\r\nCookie: R10lzW=\"NjI3MmJiNDktNDkzOC00MmU5LTlmNmYtM2QzYjZkOTQ4MDkxOjE2Mjg1NzhmLTZmZWUtNDg5My05NjQwLWNkZGRkMTZlOTJmZQ==\"\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 08 Sep 2023 17:08:15 GMT\r\ncontent-type: text/css\r\npublic-key-pins-report-only: pin-sha256=\"r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8=\"; pin-sha256=\"MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ=\"; pin-sha256=\"72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI=\"; pin-sha256=\"rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg=\"; max-age=60; report-uri=\"https://667496d6-6272bb49.inoffice.click/r/default/hpkp/reportOnly\"\r\nlast-modified: Wed, 30 Aug 2023 01:46:44 GMT\r\netag: W/\"07655b3f2b8b24a071727f94f566a06e\"\r\nx-amz-meta-sha1sum: 3ae13bad2268aa3198c24b8ad9709ce5b25254f7\r\ncache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 d0a9a72e5bf584d7f4cd7045997db51e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HAM50-C3\r\nx-amz-cf-id: wwq4cWsxqBMybWLrtX0u1KJPYvVgbFxR7jQg5KcvV3DFwo-H0FQSpw==\r\nage: 830726\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":221536,"size_decoded":0,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T02:38:17.241927Z","times_seen":13523349,"resource_available":true,"data":null}},"time_used":434,"timings":{"blocked":35,"dns":0,"connect":0,"send":0,"wait":399,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ef0b005b-6272bb49.inoffice.click/fs/bcg/4/gfs2bq7r4nkpcfS9B4x7","fqdn":"ef0b005b-6272bb49.inoffice.click","domain":"inoffice.click","tld":"click"},"ip":{"addr":"138.68.106.129","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://6ceb104b-6272bb49.inoffice.click/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk4vpkeejP7OM7i64x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dmarissa.garcia%2540insgroup.net%26client-request-id%3Ddff956e9-b28f-47d8-84b5-0414f7e6369b%26username%3Dmarissa.garcia%2540insgroup.net%26wa%3Dwsignin1.0%26wtrealm%3Durn%3Afederation%3AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARehv2837_phnvLVhaR78_MZq9iVCZshP4FRsYXjIyTmKRzE4syi4sT9dITi5IzEx0y84rTi_JLC_TyUktuMQn6F6V7poQXu6WmpBYllmTm5z1ixqfjAovAKxYmA44fLIyLWIFum7v4dXzD9uOOTd-mr7o4jYHhFKu-Z3iiR1KBb2RmiGF-llmJZ2WVb76JtrZHql9oiWu4t0-qn5OlT3mUeXCAha2pleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9_yZ0u-Ppr45q3HK34di4Iw16iw5LSwSGP9cv0MvyqjYi9tyxRXFzOzkrJkD--gnMTUIhfzAIv8bFsA0","date":"2023-09-08T17:08:14.902Z","timestamp":1694192894902,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inoffice.click","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Sep 2023 13:03:37 GMT","end":"Thu, 07 Dec 2023 13:03:36 GMT"},"fingerprint":{"sha1":"E4:78:B0:FA:21:08:63:A3:10:D0:C5:9B:43:16:AC:8C:E1:6D:BD:4F","sha256":"2E:C3:96:51:DD:35:49:CE:5B:09:27:C0:A4:53:3F:E1:5D:F0:92:D1:24:54:90:FB:2C:AC:0E:DA:C0:47:F0:03"}}},"request":{"raw":"GET /fs/bcg/4/gfs2bq7r4nkpcfS9B4x7 HTTP/1.1\r\nHost: ef0b005b-6272bb49.inoffice.click\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://6ceb104b-6272bb49.inoffice.click/\r\nCookie: R10lzW=\"NjI3MmJiNDktNDkzOC00MmU5LTlmNmYtM2QzYjZkOTQ4MDkxOjE2Mjg1NzhmLTZmZWUtNDg5My05NjQwLWNkZGRkMTZlOTJmZQ==\"\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 08 Sep 2023 17:08:15 GMT\r\ncontent-type: image/png\r\npublic-key-pins-report-only: pin-sha256=\"r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8=\"; pin-sha256=\"MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ=\"; pin-sha256=\"72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI=\"; pin-sha256=\"rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg=\"; max-age=60; report-uri=\"https://667496d6-6272bb49.inoffice.click/r/default/hpkp/reportOnly\"\r\nlast-modified: Tue, 23 Feb 2021 04:21:31 GMT\r\netag: \"12bdacc832185d0367ecc23fd24c86ce\"\r\ncache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ef32d25cab1f0dec4c6ff87f7986fe02.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HAM50-C3\r\nx-amz-cf-id: ElYvvnTrpUlAM8ypUwAZkUIXzY47n0JQZ5e4W7SI1qSeQQ93BsFhCw==\r\nage: 1207606\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10796,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 420 x 94, 8-bit/color RGBA, non-interlaced\\012- data","md5":"12bdacc832185d0367ecc23fd24c86ce","sha1":"4422f316eb4d8c8d160312bb695fd1d944cbff12","sha256":"877ae491d9aac5c6ef82a8430f9f652ace8a0dbc7294bd112aad49bd593769d0","sha512":"36c319ac7f75202190e7a59f3f3c92892a71d5f17663e672319a745b6574bcfde7c89b35f480cb15a193924dacb9d67f8ca1e1bc2bf33fc5ccbfa152cc7ba2d0","ssdeep":"192:aPzBBDKs07GiH528urXXSjD4/voR3Euri/in9Q28oLaIAQLdCYXQIDeoIdv60:aPVBQ7P5nIyjD+oRnr4inJdANuGdC0","tlshash":"7122af89d5a7d9387f3ff18c00be1fcb46f8a1f9760608b93989875d0641d9c188c499","first_seen":"2023-05-04T21:28:17Z","last_seen":"2026-04-07T17:47:17.025817Z","times_seen":38426,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":28,"dns":0,"connect":0,"send":0,"wait":238,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}