| correo.progressa.com.co/css/common,login,zhtml,skin.css?skin=harmony&v=230908141207 | 181.143.117.82 | 200 OK | 15 kB |
URL GET HTTP/2correo.progressa.com.co/css/common,login,zhtml,skin.css?skin=harmony&v=230908141207 IP181.143.117.82:443 ASN#13489 EPM Telecomunicaciones S.A. E.S.P.
Requested byhttps://correo.progressa.com.co/ CertificateIssuerLet's Encrypt Subjectcorreo.progressa.com.co Fingerprint58:10:AF:A2:F1:B0:29:BE:34:04:09:11:6E:EF:8C:C4:57:D0:CC:CA ValidityMon, 29 Jan 2024 01:58:19 GMT - Sun, 28 Apr 2024 01:58:18 GMT
File typegzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT) Hashabb48a60933d6b8e315c356e4fde572c bbb1a0cc0479c5232ed43b840693edb21582c867 1c46c79c3cb2676603de5514282e4547b13a1d39e9ab68db55730d72a43e05a7
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Zimbra Web Client |
GET /css/common,login,zhtml,skin.css?skin=harmony&v=230908141207 HTTP/1.1
Host: correo.progressa.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://correo.progressa.com.co/
Cookie: ZM_TEST=true; ZM_LOGIN_CSRF=3aa90f37-d8b8-4c90-aa6d-942385e5332c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 20:50:04 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
expires: Sat, 25 May 2024 21:50:04 GMT
cache-control: public, max-age=2595600
vary: User-Agent, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
| correo.progressa.com.co/img/logo/favicon.ico | 181.143.117.82 | 200 OK | 1.2 kB |
URL GET HTTP/2correo.progressa.com.co/img/logo/favicon.ico IP181.143.117.82:443 ASN#13489 EPM Telecomunicaciones S.A. E.S.P.
Requested byhttps://correo.progressa.com.co/ CertificateIssuerLet's Encrypt Subjectcorreo.progressa.com.co Fingerprint58:10:AF:A2:F1:B0:29:BE:34:04:09:11:6E:EF:8C:C4:57:D0:CC:CA ValidityMon, 29 Jan 2024 01:58:19 GMT - Sun, 28 Apr 2024 01:58:18 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash8c7d1c14e4b9c42f07bd6b800d93b806 87e49826ffb3bc1ddac38feebb6bb98eaef568b2 1afd891aacc433e75265e3ddc9cb4fc63b88259977811384426c535037711637
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Zimbra Web Client |
GET /img/logo/favicon.ico HTTP/1.1
Host: correo.progressa.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://correo.progressa.com.co/
Cookie: ZM_TEST=true; ZM_LOGIN_CSRF=3aa90f37-d8b8-4c90-aa6d-942385e5332c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 20:50:04 GMT
content-type: image/x-icon
content-length: 1150
x-frame-options: SAMEORIGIN
expires: Sat, 25 May 2024 21:50:04 GMT
cache-control: public, max-age=2595600
last-modified: Fri, 08 Sep 2023 13:47:06 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
| correo.progressa.com.co/skins/_base/logos/LoginBanner_white.png?v=230908141207 | 181.143.117.82 | 200 OK | 3.3 kB |
URL GET HTTP/2correo.progressa.com.co/skins/_base/logos/LoginBanner_white.png?v=230908141207 IP181.143.117.82:443 ASN#13489 EPM Telecomunicaciones S.A. E.S.P.
Requested byhttps://correo.progressa.com.co/ CertificateIssuerLet's Encrypt Subjectcorreo.progressa.com.co Fingerprint58:10:AF:A2:F1:B0:29:BE:34:04:09:11:6E:EF:8C:C4:57:D0:CC:CA ValidityMon, 29 Jan 2024 01:58:19 GMT - Sun, 28 Apr 2024 01:58:18 GMT
File typePNG image data, 163 x 36, 8-bit/color RGBA, non-interlaced Hashe04d149f1a5dec8a4b31e20e1f1413fb 44e9355e76474683c0f9ebd8c8150fffd30f9e9b 8db258b55ceabeb5c9c8bf41f59a2743c579cfcee58c34cacc945ad9c01d6ef1
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Zimbra Web Client |
GET /skins/_base/logos/LoginBanner_white.png?v=230908141207 HTTP/1.1
Host: correo.progressa.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://correo.progressa.com.co/css/common,login,zhtml,skin.css?skin=harmony&v=230908141207
Cookie: ZM_TEST=true; ZM_LOGIN_CSRF=3aa90f37-d8b8-4c90-aa6d-942385e5332c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 20:50:04 GMT
content-type: image/png
content-length: 3299
x-frame-options: SAMEORIGIN
expires: Sat, 25 May 2024 21:50:04 GMT
cache-control: public, max-age=2595600
last-modified: Fri, 08 Sep 2023 13:47:06 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
URL User Request GET HTTP/2IP181.143.117.82:443 ASN#13489 EPM Telecomunicaciones S.A. E.S.P.
CertificateIssuerLet's Encrypt Subjectcorreo.progressa.com.co Fingerprint58:10:AF:A2:F1:B0:29:BE:34:04:09:11:6E:EF:8C:C4:57:D0:CC:CA ValidityMon, 29 Jan 2024 01:58:19 GMT - Sun, 28 Apr 2024 01:58:18 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Zimbra Web Client |
GET / HTTP/1.1
Host: correo.progressa.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 20:50:03 GMT
content-type: text/html;charset=utf-8
x-frame-options: SAMEORIGIN
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
content-language: en-US
set-cookie: ZM_TEST=true; Secure
ZM_LOGIN_CSRF=3aa90f37-d8b8-4c90-aa6d-942385e5332c; Secure; HttpOnly
x-ua-compatible: IE=edge
vary: User-Agent, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|