Report - mobile.highpoint.edu/owa/redir.aspx?C=l5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..

Report Overview

Submitted URL
mobile.highpoint.edu/owa/redir.aspx?C=l5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
IP
192.154.46.96
ASN
#14448 14448
Submitted
2024-04-24 18:52:54
Access
public
Website Title
Outlook Web App
Final URL
mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Tags
microsoft phishing
urlquery detections
Phishing - Microsoft

Detections

urlquery
20
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
mobile.highpoint.edu	unknown	1993-03-26	2015-03-18	2023-08-27	12 kB	38 kB	192.154.46.96

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	mobile.highpoint.edu/owa/14.3.513.0/scripts/premium/flogon.js	4.3 kB	2023-03-07	2024-04-24
Pretty URL mobile.highpoint.edu/owa/14.3.513.0/scripts/premium/flogon.js IP 192.154.46.96 ASN #14448 14448 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:45:33 Last Seen2024-04-24 20:52:55 Times Seen117 Hash c5117acab776c21fdd2de21f15fa9d6f 9dc4578b5992446515abc5763cd0898f88bcd35e 215d250a6028db2afb14ba5028f23493f042cee6fdd59f59e4deb10fd63b1060 Loading...

	mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..	0 B	2023-03-07	2024-05-04
Pretty URL mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA.. IP 192.154.46.96 ASN #14448 14448 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-04 16:59:07 Times Seen37339094 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (19)

URL IP Response Size

mobile.highpoint.edu/owa/redir.aspx?C=l5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..

192.154.46.96

0 B

URL
mobile.highpoint.edu/owa/redir.aspx?C=l5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
IP
192.154.46.96:0
ASN
#14448 14448

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /owa/redir.aspx?C=l5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA.. HTTP/1.1
Host: mobile.highpoint.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: https://mobile.highpoint.edu/owa/auth/logon.aspx?url=https://mobile.highpoint.edu/owa/redir.aspx%3FC=l5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..&reason=0
Set-Cookie: sessionid=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
cadata=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Date: Wed, 24 Apr 2024 18:52:28 GMT

mobile.highpoint.edu/owa/auth/logon.aspx?url=https://mobile.highpoint.edu/owa/redir.aspx%3FC=l5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..&reason=0

192.154.46.96

1.1 kB

URL
mobile.highpoint.edu/owa/auth/logon.aspx?url=https://mobile.highpoint.edu/owa/redir.aspx%3FC=l5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..&reason=0
IP
192.154.46.96:0
ASN
#14448 14448

File type
HTML document, ASCII text, with very long lines (365), with CRLF, LF line terminators
Size
1.1 kB (1060 bytes)
Hash
e9279e627fdd02aa233064a7fb71db29
a43c2d39f77f19347c303e3e435af92dfcf33cd7
f5842c1b08131faddb50a551550865465de85d9d3668a1dc15394b246db8dc69

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /owa/auth/logon.aspx?url=https://mobile.highpoint.edu/owa/redir.aspx%3FC=l5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..&reason=0 HTTP/1.1
Host: mobile.highpoint.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Set-Cookie: OutlookSession=a16415711a924a20966baf1bdaa168dc; path=/; secure; HttpOnly
X-OWA-Version: 14.3.513.0
X-Powered-By: ASP.NET
Date: Wed, 24 Apr 2024 18:52:28 GMT
Content-Length: 1060

mobile.highpoint.edu/owa/14.3.513.0/themes/resources/logon.css

192.154.46.96

200 OK

1.0 kB

URL GET HTTP/1.1
mobile.highpoint.edu/owa/14.3.513.0/themes/resources/logon.css
IP
192.154.46.96:443
ASN
#14448 14448

Requested by
https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Certificate
IssuerDigiCert Inc
Subject*.highpoint.edu
Fingerprint40:A0:78:6A:9C:D9:35:F7:D0:8D:E1:8B:F8:82:F8:3F:7B:51:8E:54
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 01 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1008), with CRLF line terminators
Size
1.0 kB (1037 bytes)
Hash
2d0333f5bfc005f284ccf423fa9db871
3324e452de752ebd1401207548c6f8c3d84eca76
da50bcb5382766a7c25162bbfd523928ccecf337ed574af0b249a59b546cb834

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /owa/14.3.513.0/themes/resources/logon.css HTTP/1.1
Host: mobile.highpoint.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mobile.highpoint.edu/owa/auth/logon.aspx?url=https://mobile.highpoint.edu/owa/redir.aspx%3FC=l5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..&reason=0
Cookie: OutlookSession=a16415711a924a20966baf1bdaa168dc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 06 Feb 2013 03:00:46 GMT
Accept-Ranges: bytes
ETag: "043c328164ce1:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Date: Wed, 24 Apr 2024 18:52:28 GMT
Content-Length: 1037

mobile.highpoint.edu/owa/14.3.513.0/scripts/premium/flogon.js

192.154.46.96

200 OK

1.9 kB

URL GET HTTP/1.1
mobile.highpoint.edu/owa/14.3.513.0/scripts/premium/flogon.js
IP
192.154.46.96:443
ASN
#14448 14448

Requested by
https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Certificate
IssuerDigiCert Inc
Subject*.highpoint.edu
Fingerprint40:A0:78:6A:9C:D9:35:F7:D0:8D:E1:8B:F8:82:F8:3F:7B:51:8E:54
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 01 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4296), with no line terminators
Size
1.9 kB (1934 bytes)
Hash
c5117acab776c21fdd2de21f15fa9d6f
9dc4578b5992446515abc5763cd0898f88bcd35e
215d250a6028db2afb14ba5028f23493f042cee6fdd59f59e4deb10fd63b1060

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /owa/14.3.513.0/scripts/premium/flogon.js HTTP/1.1
Host: mobile.highpoint.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mobile.highpoint.edu/owa/auth/logon.aspx?url=https://mobile.highpoint.edu/owa/redir.aspx%3FC=l5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..&reason=0
Cookie: OutlookSession=a16415711a924a20966baf1bdaa168dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Wed, 27 May 2015 17:47:54 GMT
Accept-Ranges: bytes
ETag: "0811d42a598d01:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Date: Wed, 24 Apr 2024 18:52:28 GMT
Content-Length: 1934

mobile.highpoint.edu/owa/14.3.513.0/themes/resources/owafont.css

192.154.46.96

200 OK

1.8 kB

URL GET HTTP/1.1
mobile.highpoint.edu/owa/14.3.513.0/themes/resources/owafont.css
IP
192.154.46.96:443
ASN
#14448 14448

Requested by
https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Certificate
IssuerDigiCert Inc
Subject*.highpoint.edu
Fingerprint40:A0:78:6A:9C:D9:35:F7:D0:8D:E1:8B:F8:82:F8:3F:7B:51:8E:54
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 01 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1034), with CRLF line terminators
Size
1.8 kB (1773 bytes)
Hash
d0fc53724ee34d86cb3de756e7d55a7d
a0de8c5de11e42a11548d67fb40c4c6c5562a2cb
5a8a50bbfec3340a13879de71a5dbe889eca252ac9cfb523c6cea94f05b7b673

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /owa/14.3.513.0/themes/resources/owafont.css HTTP/1.1
Host: mobile.highpoint.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mobile.highpoint.edu/owa/auth/logon.aspx?url=https://mobile.highpoint.edu/owa/redir.aspx%3FC=l5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..&reason=0
Cookie: OutlookSession=a16415711a924a20966baf1bdaa168dc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 06 Feb 2013 03:00:46 GMT
Accept-Ranges: bytes
ETag: "043c328164ce1:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Date: Wed, 24 Apr 2024 18:52:29 GMT
Content-Length: 1773

mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..

192.154.46.96

200 OK

3.4 kB

URL User Request GET HTTP/1.1
mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
IP
192.154.46.96:443
ASN
#14448 14448

Certificate
IssuerDigiCert Inc
Subject*.highpoint.edu
Fingerprint40:A0:78:6A:9C:D9:35:F7:D0:8D:E1:8B:F8:82:F8:3F:7B:51:8E:54
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 01 Nov 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (440), with CRLF, LF line terminators
Size
3.4 kB (3376 bytes)
Hash
9405e9c9041f14a30105dbe85b27eb27
e549ffd69fd4d84c3e15eb564e29a2ad5191fadb
682047df0bfc760ea67ee9a19c6009e8ec190c4bb7bcb31364f81d0be20eeeee

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA.. HTTP/1.1
Host: mobile.highpoint.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mobile.highpoint.edu/owa/auth/logon.aspx?url=https://mobile.highpoint.edu/owa/redir.aspx%3FC=l5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..&reason=0
Cookie: OutlookSession=a16415711a924a20966baf1bdaa168dc
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
X-OWA-Version: 14.3.513.0
X-Powered-By: ASP.NET
Date: Wed, 24 Apr 2024 18:52:29 GMT
Content-Length: 3376

mobile.highpoint.edu/owa/14.3.513.0/themes/resources/logon.css

192.154.46.96

200 OK

1.0 kB

URL GET HTTP/1.1
mobile.highpoint.edu/owa/14.3.513.0/themes/resources/logon.css
IP
192.154.46.96:443
ASN
#14448 14448

Requested by
https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Certificate
IssuerDigiCert Inc
Subject*.highpoint.edu
Fingerprint40:A0:78:6A:9C:D9:35:F7:D0:8D:E1:8B:F8:82:F8:3F:7B:51:8E:54
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 01 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1008), with CRLF line terminators
Size
1.0 kB (1037 bytes)
Hash
2d0333f5bfc005f284ccf423fa9db871
3324e452de752ebd1401207548c6f8c3d84eca76
da50bcb5382766a7c25162bbfd523928ccecf337ed574af0b249a59b546cb834

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /owa/14.3.513.0/themes/resources/logon.css HTTP/1.1
Host: mobile.highpoint.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Cookie: OutlookSession=a16415711a924a20966baf1bdaa168dc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 06 Feb 2013 03:00:46 GMT
Accept-Ranges: bytes
ETag: "043c328164ce1:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Date: Wed, 24 Apr 2024 18:52:29 GMT
Content-Length: 1037

mobile.highpoint.edu/owa/14.3.513.0/themes/resources/owafont.css

192.154.46.96

200 OK

1.6 kB

URL GET HTTP/1.1
mobile.highpoint.edu/owa/14.3.513.0/themes/resources/owafont.css
IP
192.154.46.96:443
ASN
#14448 14448

Requested by
https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Certificate
IssuerDigiCert Inc
Subject*.highpoint.edu
Fingerprint40:A0:78:6A:9C:D9:35:F7:D0:8D:E1:8B:F8:82:F8:3F:7B:51:8E:54
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 01 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1034), with CRLF line terminators
Size
1.6 kB (1554 bytes)
Hash
d0fc53724ee34d86cb3de756e7d55a7d
a0de8c5de11e42a11548d67fb40c4c6c5562a2cb
5a8a50bbfec3340a13879de71a5dbe889eca252ac9cfb523c6cea94f05b7b673

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /owa/14.3.513.0/themes/resources/owafont.css HTTP/1.1
Host: mobile.highpoint.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Cookie: OutlookSession=a16415711a924a20966baf1bdaa168dc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 06 Feb 2013 03:00:46 GMT
Accept-Ranges: bytes
ETag: "043c328164ce1:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Date: Wed, 24 Apr 2024 18:52:29 GMT
Content-Length: 1554

mobile.highpoint.edu/owa/14.3.513.0/scripts/premium/flogon.js

192.154.46.96

200 OK

1.7 kB

URL GET HTTP/1.1
mobile.highpoint.edu/owa/14.3.513.0/scripts/premium/flogon.js
IP
192.154.46.96:443
ASN
#14448 14448

Requested by
https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Certificate
IssuerDigiCert Inc
Subject*.highpoint.edu
Fingerprint40:A0:78:6A:9C:D9:35:F7:D0:8D:E1:8B:F8:82:F8:3F:7B:51:8E:54
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 01 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4296), with no line terminators
Size
1.7 kB (1671 bytes)
Hash
c5117acab776c21fdd2de21f15fa9d6f
9dc4578b5992446515abc5763cd0898f88bcd35e
215d250a6028db2afb14ba5028f23493f042cee6fdd59f59e4deb10fd63b1060

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /owa/14.3.513.0/scripts/premium/flogon.js HTTP/1.1
Host: mobile.highpoint.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Cookie: OutlookSession=a16415711a924a20966baf1bdaa168dc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Wed, 27 May 2015 17:47:54 GMT
Accept-Ranges: bytes
ETag: "0811d42a598d01:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Date: Wed, 24 Apr 2024 18:52:29 GMT
Content-Length: 1671

mobile.highpoint.edu/owa/14.3.513.0/themes/resources/lgnexlogo.gif

192.154.46.96

200 OK

61 B

URL GET HTTP/1.1
mobile.highpoint.edu/owa/14.3.513.0/themes/resources/lgnexlogo.gif
IP
192.154.46.96:443
ASN
#14448 14448

Requested by
https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Certificate
IssuerDigiCert Inc
Subject*.highpoint.edu
Fingerprint40:A0:78:6A:9C:D9:35:F7:D0:8D:E1:8B:F8:82:F8:3F:7B:51:8E:54
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 01 Nov 2024 23:59:59 GMT

File type
GIF image data, version 89a, 22 x 22
Size
61 B (61 bytes)
Hash
873c522598fb6da9f70d5dde7ccf6213
c09fdcf5e3933b8efdae4505825e786462cdad51
b125c5f621a199d89bc496740d7dac72f1a8462465a1b61e331727f5d369b2f4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /owa/14.3.513.0/themes/resources/lgnexlogo.gif HTTP/1.1
Host: mobile.highpoint.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Cookie: OutlookSession=a16415711a924a20966baf1bdaa168dc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: image/gif
Last-Modified: Wed, 06 Feb 2013 03:00:46 GMT
Accept-Ranges: bytes
ETag: "043c328164ce1:0"
X-Powered-By: ASP.NET
Date: Wed, 24 Apr 2024 18:52:29 GMT
Content-Length: 61

mobile.highpoint.edu/owa/14.3.513.0/themes/resources/lgnbotl.gif

192.154.46.96

200 OK

9.3 kB

URL GET HTTP/1.1
mobile.highpoint.edu/owa/14.3.513.0/themes/resources/lgnbotl.gif
IP
192.154.46.96:443
ASN
#14448 14448

Requested by
https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Certificate
IssuerDigiCert Inc
Subject*.highpoint.edu
Fingerprint40:A0:78:6A:9C:D9:35:F7:D0:8D:E1:8B:F8:82:F8:3F:7B:51:8E:54
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 01 Nov 2024 23:59:59 GMT

File type
GIF image data, version 89a, 456 x 54
Size
9.3 kB (9311 bytes)
Hash
e0a2c263c6745f251720fe0876d140c4
51b2196c6b10b8c6443e4f91b4c6281134755f33
0e2cda541bf24815df2facd5729d44b70ef4e4bdd160169295944aefc9e51b0b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /owa/14.3.513.0/themes/resources/lgnbotl.gif HTTP/1.1
Host: mobile.highpoint.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Cookie: OutlookSession=a16415711a924a20966baf1bdaa168dc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: image/gif
Last-Modified: Wed, 06 Feb 2013 03:00:46 GMT
Accept-Ranges: bytes
ETag: "043c328164ce1:0"
X-Powered-By: ASP.NET
Date: Wed, 24 Apr 2024 18:52:29 GMT
Content-Length: 9311

mobile.highpoint.edu/owa/14.3.513.0/themes/resources/lgnleft.gif

192.154.46.96

200 OK

290 B

URL GET HTTP/1.1
mobile.highpoint.edu/owa/14.3.513.0/themes/resources/lgnleft.gif
IP
192.154.46.96:443
ASN
#14448 14448

Requested by
https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Certificate
IssuerDigiCert Inc
Subject*.highpoint.edu
Fingerprint40:A0:78:6A:9C:D9:35:F7:D0:8D:E1:8B:F8:82:F8:3F:7B:51:8E:54
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 01 Nov 2024 23:59:59 GMT

File type
GIF image data, version 89a, 15 x 200
Size
290 B (290 bytes)
Hash
baf34665612f4d59f7cfc06ea82da21d
2c8cf5f76499e66d609ddaac026720ef28078421
96a4b86c4a5ff1f1aa67c52287be64ebd51598d32cbd1249351e462cae549185

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /owa/14.3.513.0/themes/resources/lgnleft.gif HTTP/1.1
Host: mobile.highpoint.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mobile.highpoint.edu/owa/14.3.513.0/themes/resources/logon.css
Cookie: OutlookSession=a16415711a924a20966baf1bdaa168dc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: image/gif
Last-Modified: Wed, 06 Feb 2013 03:00:46 GMT
Accept-Ranges: bytes
ETag: "043c328164ce1:0"
X-Powered-By: ASP.NET
Date: Wed, 24 Apr 2024 18:52:29 GMT
Content-Length: 290

mobile.highpoint.edu/owa/14.3.513.0/themes/resources/lgnright.gif

192.154.46.96

200 OK

306 B

URL GET HTTP/1.1
mobile.highpoint.edu/owa/14.3.513.0/themes/resources/lgnright.gif
IP
192.154.46.96:443
ASN
#14448 14448

Requested by
https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Certificate
IssuerDigiCert Inc
Subject*.highpoint.edu
Fingerprint40:A0:78:6A:9C:D9:35:F7:D0:8D:E1:8B:F8:82:F8:3F:7B:51:8E:54
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 01 Nov 2024 23:59:59 GMT

File type
GIF image data, version 89a, 15 x 200
Size
306 B (306 bytes)
Hash
391603f1faee60db855bd11650dbbf72
9728452459447efcc7c453c2150139839fa174bc
a9626d4f60b20f2da50f763f20d891a70625dde0dba68116896026c400b8b775

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /owa/14.3.513.0/themes/resources/lgnright.gif HTTP/1.1
Host: mobile.highpoint.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mobile.highpoint.edu/owa/14.3.513.0/themes/resources/logon.css
Cookie: OutlookSession=a16415711a924a20966baf1bdaa168dc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: image/gif
Last-Modified: Wed, 06 Feb 2013 03:00:46 GMT
Accept-Ranges: bytes
ETag: "043c328164ce1:0"
X-Powered-By: ASP.NET
Date: Wed, 24 Apr 2024 18:52:29 GMT
Content-Length: 306

mobile.highpoint.edu/owa/14.3.513.0/themes/resources/lgnbotm.gif

192.154.46.96

200 OK

276 B

URL GET HTTP/1.1
mobile.highpoint.edu/owa/14.3.513.0/themes/resources/lgnbotm.gif
IP
192.154.46.96:443
ASN
#14448 14448

Requested by
https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Certificate
IssuerDigiCert Inc
Subject*.highpoint.edu
Fingerprint40:A0:78:6A:9C:D9:35:F7:D0:8D:E1:8B:F8:82:F8:3F:7B:51:8E:54
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 01 Nov 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 54
Size
276 B (276 bytes)
Hash
704330b6d293ce2d32780739218696b9
6ebd408ff617f5317595121191a92bd9ba69a01f
6097839fd066f359bbe21fb228714cd33385a6995a060eaa504ee190e3c1178a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /owa/14.3.513.0/themes/resources/lgnbotm.gif HTTP/1.1
Host: mobile.highpoint.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mobile.highpoint.edu/owa/14.3.513.0/themes/resources/logon.css
Cookie: OutlookSession=a16415711a924a20966baf1bdaa168dc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: image/gif
Last-Modified: Wed, 06 Feb 2013 03:00:46 GMT
Accept-Ranges: bytes
ETag: "043c328164ce1:0"
X-Powered-By: ASP.NET
Date: Wed, 24 Apr 2024 18:52:29 GMT
Content-Length: 276

mobile.highpoint.edu/owa/14.3.513.0/themes/resources/lgntopl.gif

192.154.46.96

200 OK

4.5 kB

URL GET HTTP/1.1
mobile.highpoint.edu/owa/14.3.513.0/themes/resources/lgntopl.gif
IP
192.154.46.96:443
ASN
#14448 14448

Requested by
https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Certificate
IssuerDigiCert Inc
Subject*.highpoint.edu
Fingerprint40:A0:78:6A:9C:D9:35:F7:D0:8D:E1:8B:F8:82:F8:3F:7B:51:8E:54
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 01 Nov 2024 23:59:59 GMT

File type
GIF image data, version 89a, 456 x 115
Size
4.5 kB (4455 bytes)
Hash
6ae33a65d15f6bb5113e066fca7fa73a
fa8477f0eaed3ade4a217e91133ba37242be0c19
b478b93f8f9a262321211d8ce812cdd6accdfb4ede6e0230ccf44e77ad161f97

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /owa/14.3.513.0/themes/resources/lgntopl.gif HTTP/1.1
Host: mobile.highpoint.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Cookie: OutlookSession=a16415711a924a20966baf1bdaa168dc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: image/gif
Last-Modified: Wed, 06 Feb 2013 03:00:46 GMT
Accept-Ranges: bytes
ETag: "043c328164ce1:0"
X-Powered-By: ASP.NET
Date: Wed, 24 Apr 2024 18:52:29 GMT
Content-Length: 4455

mobile.highpoint.edu/owa/14.3.513.0/themes/resources/lgntopr.gif

192.154.46.96

200 OK

581 B

URL GET HTTP/1.1
mobile.highpoint.edu/owa/14.3.513.0/themes/resources/lgntopr.gif
IP
192.154.46.96:443
ASN
#14448 14448

Requested by
https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Certificate
IssuerDigiCert Inc
Subject*.highpoint.edu
Fingerprint40:A0:78:6A:9C:D9:35:F7:D0:8D:E1:8B:F8:82:F8:3F:7B:51:8E:54
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 01 Nov 2024 23:59:59 GMT

File type
GIF image data, version 89a, 45 x 115
Size
581 B (581 bytes)
Hash
031bed6f568fbddddf550a97400b273f
69342ba98b1a924ea4f984f5ef6b244ba0177cb3
f27d451896ac6a8b768361e3f07c2adf1ee7ae6bcb92ac6d0bda7fb5cf915301

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /owa/14.3.513.0/themes/resources/lgntopr.gif HTTP/1.1
Host: mobile.highpoint.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Cookie: OutlookSession=a16415711a924a20966baf1bdaa168dc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: image/gif
Last-Modified: Wed, 06 Feb 2013 03:00:46 GMT
Accept-Ranges: bytes
ETag: "043c328164ce1:0"
X-Powered-By: ASP.NET
Date: Wed, 24 Apr 2024 18:52:29 GMT
Content-Length: 581

mobile.highpoint.edu/owa/14.3.513.0/themes/resources/lgnbotr.gif

192.154.46.96

200 OK

2.4 kB

URL GET HTTP/1.1
mobile.highpoint.edu/owa/14.3.513.0/themes/resources/lgnbotr.gif
IP
192.154.46.96:443
ASN
#14448 14448

Requested by
https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Certificate
IssuerDigiCert Inc
Subject*.highpoint.edu
Fingerprint40:A0:78:6A:9C:D9:35:F7:D0:8D:E1:8B:F8:82:F8:3F:7B:51:8E:54
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 01 Nov 2024 23:59:59 GMT

File type
GIF image data, version 89a, 45 x 54
Size
2.4 kB (2392 bytes)
Hash
43b7c46b32691aa778c5e49d139db8f5
e72b87c696eed81b71b853ce245a30377dce205e
97305ffb8ff74176df42bcd213e7cdfd7679630e19911a2db7b399c7960aec3e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /owa/14.3.513.0/themes/resources/lgnbotr.gif HTTP/1.1
Host: mobile.highpoint.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Cookie: OutlookSession=a16415711a924a20966baf1bdaa168dc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: image/gif
Last-Modified: Wed, 06 Feb 2013 03:00:46 GMT
Accept-Ranges: bytes
ETag: "043c328164ce1:0"
X-Powered-By: ASP.NET
Date: Wed, 24 Apr 2024 18:52:29 GMT
Content-Length: 2392

mobile.highpoint.edu/owa/14.3.513.0/themes/resources/lgntopm.gif

192.154.46.96

200 OK

58 B

URL GET HTTP/1.1
mobile.highpoint.edu/owa/14.3.513.0/themes/resources/lgntopm.gif
IP
192.154.46.96:443
ASN
#14448 14448

Requested by
https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Certificate
IssuerDigiCert Inc
Subject*.highpoint.edu
Fingerprint40:A0:78:6A:9C:D9:35:F7:D0:8D:E1:8B:F8:82:F8:3F:7B:51:8E:54
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 01 Nov 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 115
Size
58 B (58 bytes)
Hash
0615717b3645a8573f07347cdb74d69f
b707c5a9ede57d3232138ed7ccdb0b4ee9e56043
9d894a6800fd18d20423c66066097b9653be9eb3796f6a0e216dca220c45d6d6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /owa/14.3.513.0/themes/resources/lgntopm.gif HTTP/1.1
Host: mobile.highpoint.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mobile.highpoint.edu/owa/14.3.513.0/themes/resources/logon.css
Cookie: OutlookSession=a16415711a924a20966baf1bdaa168dc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: image/gif
Last-Modified: Wed, 06 Feb 2013 03:00:46 GMT
Accept-Ranges: bytes
ETag: "043c328164ce1:0"
X-Powered-By: ASP.NET
Date: Wed, 24 Apr 2024 18:52:29 GMT
Content-Length: 58

mobile.highpoint.edu/owa/14.3.513.0/themes/resources/favicon.ico

192.154.46.96

200 OK

1.2 kB

URL GET HTTP/1.1
mobile.highpoint.edu/owa/14.3.513.0/themes/resources/favicon.ico
IP
192.154.46.96:443
ASN
#14448 14448

Requested by
https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Certificate
IssuerDigiCert Inc
Subject*.highpoint.edu
Fingerprint40:A0:78:6A:9C:D9:35:F7:D0:8D:E1:8B:F8:82:F8:3F:7B:51:8E:54
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 01 Nov 2024 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
af0e7a63be394e3d5b0691ff91f4f3ea
dec8da70db061c6ae95d5ccb0a59fdf7c06f0245
164ae0034b553725938a2493e7fc42c87c19d2b1af730f5b00dec91f75957e0a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /owa/14.3.513.0/themes/resources/favicon.ico HTTP/1.1
Host: mobile.highpoint.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mobile.highpoint.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmobile.highpoint.edu%2fowa%2fredir.aspx%3fC%3dl5z-ozwvywuxB1UfIDnV95SD7UyObLjuZ04ODkrCpVpt2anLjmTcCA..
Cookie: OutlookSession=a16415711a924a20966baf1bdaa168dc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: image/x-icon
Last-Modified: Wed, 06 Feb 2013 03:00:46 GMT
Accept-Ranges: bytes
ETag: "043c328164ce1:0"
X-Powered-By: ASP.NET
Date: Wed, 24 Apr 2024 18:52:29 GMT
Content-Length: 1150

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (19)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN