Report - mail.office.hiworks.com

Report Overview

Visited public
2024-01-16 23:37:12
Tags
Submit Tags
URL
mail.office.hiworks.com
Finishing URL
login.office.hiworks.com/
IP / ASN
211.234.118.52
#3786 LG DACOM Corporation
Title
하이웍스 로그인

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
mail.office.hiworks.com	448868	2008-10-08	2016-06-16 09:55:23	2024-01-15 16:25:11	478 B	658 B	211.234.118.52
login.office.hiworks.com	unknown	2008-10-08	2023-06-12 12:06:40	2023-10-25 10:41:22	1.9 kB	522 kB	143.204.55.56
cache-api.office.hiworks.com	unknown	2008-10-08	2023-04-29 12:03:47	2023-10-17 11:06:47	1.1 kB	1.3 kB	45.120.70.104
sentry.hiworks.io	unknown	2021-03-15	2022-11-16 07:00:49	2023-09-12 12:35:00	626 B	377 B	139.150.93.24
static.hiworks.com	unknown	2008-10-08	2019-05-31 16:59:15	2023-12-08 14:21:52	884 B	3.4 kB	45.120.70.166

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	From	Size	First Seen	Last Seen
	login.office.hiworks.com/assets/index-9779df52.js	ScriptElement	1.5 MB	2024-01-17	2024-08-20
Pretty URL login.office.hiworks.com/assets/index-9779df52.js IP 143.204.55.56 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-17 00:37 Last Seen2024-08-20 12:23 Times Seen2 Hash 67b9584d76b7a59b2bb5150e70c80d17 ef3ec8b0a7cff91a7d508a20bea9c42f3b913bc6 6b03e6145e2e21644e899554f4572095fc4d6e0020bfafefea87cb3e55703fd1 Loading...

	login.office.hiworks.com/	ScriptElement	328 B	2023-04-07	2025-03-18
Pretty URL login.office.hiworks.com/ IP 143.204.55.56 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-07 06:55 Last Seen2025-03-18 21:01 Times Seen9141 Hash 3cb9786af5e65ff7a58c24c85677a40a 1dcbd37c74e0e059f17066831f594c4c2cd531f7 8bc5a4a4db521fb00a74ed14b2351db552ca6530233a4d403dfe004b6fd38f6a Loading...

	login.office.hiworks.com/	ScriptElement	84 B	2023-04-07	2025-07-16
Pretty URL login.office.hiworks.com/ IP 143.204.55.56 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-07 06:55 Last Seen2025-07-16 07:15 Times Seen16455 Hash 528dd01eb509d1fc3c68b48e165c9d77 8d702f33d869eb8c53cf75c17014f96385322395 b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a Loading...

HTTP Transactions (10)

	URL	IP	Response	Size
	mail.office.hiworks.com/	211.234.118.52		312 B
URL mail.office.hiworks.com/ IP 211.234.118.52:0 ASN #3786 LG DACOM Corporation File type HTML document, ASCII text Size 312 B (312 bytes) Hash b4203e4f12e1c530fd3dc443120d8762 38dfb934e69f05176fbf78d3a3dc17cd91e9e20d d60442a575c898b9744ca9e63aca2c0e5616b1ce87a74479bd508bf6dfe7c113 HTTP Headers `GET / HTTP/1.1 Host: mail.office.hiworks.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Tue, 16 Jan 2024 23:36:47 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 312 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: GET, OPTIONS Access-Control-Allow-Origin: *`

	GET login.office.hiworks.com/assets/index-9779df52.js	143.204.55.56	200 OK	470 kB
URL GET HTTP/2 login.office.hiworks.com/assets/index-9779df52.js IP 143.204.55.56:443 ASN #16509 AMAZON-02 Requested by https://login.office.hiworks.com/ Certificate IssuerGlobalSign nv-sa Subject.office.hiworks.com Fingerprint92:9B:4C:C0:B2:18:35:FA:19:13:34:E4:98:CD:21:71:23:D5:15:71 ValidityThu, 11 May 2023 01:11:35 GMT - Tue, 11 Jun 2024 01:11:34 GMT File type ASCII text, with very long lines (16405) Size 470 kB (470170 bytes) Hash c71cb9d9c4962ea8b6e12ad0232367c2 ef8e8dcc185c2e66160c3a49f7a3bad265ffbc66 664d1aa6de2470d294e43d63b8a22d3bee0b385814b9eda7e30883aaf46125ad HTTP Headers `GET /assets/index-9779df52.js HTTP/1.1 Host: login.office.hiworks.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://login.office.hiworks.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Tue, 16 Jan 2024 23:36:50 GMT last-modified: Mon, 27 Nov 2023 08:22:02 GMT etag: W/"656451aa-16e4d5" content-encoding: gzip vary: Accept-Encoding x-cache: Miss from cloudfront via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: YaG6Lav9pt5gjZCshlkq4hfSpTut1vl_DCqqi7hnOqAw3sMQ_i_Gsg== X-Firefox-Spdy: h2`

	OPTIONS cache-api.office.hiworks.com/notices	45.120.70.104	204 No Content	0 B
URL OPTIONS HTTP/1.1 cache-api.office.hiworks.com/notices IP 45.120.70.104:443 ASN #3786 LG DACOM Corporation Requested by https://login.office.hiworks.com/ Certificate IssuerGlobalSign nv-sa Subject.office.hiworks.com Fingerprint92:9B:4C:C0:B2:18:35:FA:19:13:34:E4:98:CD:21:71:23:D5:15:71 ValidityThu, 11 May 2023 01:11:35 GMT - Tue, 11 Jun 2024 01:11:34 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /notices HTTP/1.1 Host: cache-api.office.hiworks.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: GET Access-Control-Request-Headers: cache-control,expires,pragma Referer: https://login.office.hiworks.com/ Origin: https://login.office.hiworks.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 204 No Content date: Tue, 16 Jan 2024 23:36:53 GMT content-length: 0 x-powered-by: Express access-control-allow-origin: https://login.office.hiworks.com vary: Origin, Access-Control-Request-Headers access-control-allow-credentials: true access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-headers: cache-control,expires,pragma set-cookie: lbg_117_1=lbg_117_1_to_10.4.96.203; path=/`

	OPTIONS cache-api.office.hiworks.com/notices	45.120.70.104	204 No Content	434 B
URL OPTIONS HTTP/1.1 cache-api.office.hiworks.com/notices IP 45.120.70.104:443 ASN #3786 LG DACOM Corporation Requested by https://login.office.hiworks.com/ Certificate IssuerGlobalSign nv-sa Subject*.office.hiworks.com Fingerprint92:9B:4C:C0:B2:18:35:FA:19:13:34:E4:98:CD:21:71:23:D5:15:71 ValidityThu, 11 May 2023 01:11:35 GMT - Tue, 11 Jun 2024 01:11:34 GMT File type JSON data Size 434 B (434 bytes) Hash cebc53425287c76daa9b712eddb34cd4 04231558a8d69e0fef2927309057926fa4fa5dae 65e86ee03e5daa9e8c55e8a837df38162c834e4b867adb09702fb6e4da18ab13 HTTP Headers `GET /notices HTTP/1.1 Host: cache-api.office.hiworks.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: 0 Origin: https://login.office.hiworks.com DNT: 1 Connection: keep-alive Referer: https://login.office.hiworks.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site` `HTTP/1.1 200 OK date: Tue, 16 Jan 2024 23:36:53 GMT content-type: application/json; charset=utf-8 transfer-encoding: chunked x-powered-by: Express access-control-allow-origin: https://login.office.hiworks.com vary: Accept-Encoding, Origin access-control-allow-credentials: true etag: W/"490-BCMVWKjWng/vKScwkFeSb6T6Xa4" content-encoding: gzip set-cookie: lbg_117_1=lbg_117_1_to_10.4.96.214; path=/`

	POST sentry.hiworks.io/api/81/envelope/?sentry_key=dcb5c0120e6649c88cf48dc4f5d86976&sentry_version=7&sentry_client=sentry.javascript.react%2F7.55.2	139.150.93.24	200 OK	41 B
URL POST HTTP/1.1 sentry.hiworks.io/api/81/envelope/?sentry_key=dcb5c0120e6649c88cf48dc4f5d86976&sentry_version=7&sentry_client=sentry.javascript.react%2F7.55.2 IP 139.150.93.24:443 ASN #3786 LG DACOM Corporation Requested by https://login.office.hiworks.com/ Certificate IssuerGlobalSign nv-sa Subject.hiworks.io Fingerprint6F:74:74:09:46:6F:FC:AF:B5:B3:FE:F7:A0:FB:15:72:ED:03:1D:CF ValidityWed, 22 Mar 2023 05:41:03 GMT - Mon, 22 Apr 2024 05:41:02 GMT File type JSON data Size 41 B (41 bytes) Hash 1de6fd8f7029eaa59e02d09eb003ec4f 8f072ccdd92c9609b54e4b2d8977f26967a9012f 4231f1aad7c06de9cab136974f30a931772b435e218cc1bd1eed062c176e2f21 HTTP Headers POST /api/81/envelope/?sentry_key=dcb5c0120e6649c88cf48dc4f5d86976&sentry_version=7&sentry_client=sentry.javascript.react%2F7.55.2 HTTP/1.1 Host: sentry.hiworks.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.office.hiworks.com/ Content-Type: text/plain;charset=UTF-8 Content-Length: 5936 Origin: https://login.office.hiworks.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK server: nginx date: Tue, 16 Jan 2024 23:36:56 GMT content-type: application/json content-length: 41 access-control-allow-origin: https://login.office.hiworks.com access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits vary: Origin set-cookie: lbg_107_1=lbg_107_1_to_10.4.103.25; path=/`

	GET static.hiworks.com/asp/files/logo.svg	45.120.70.166	200 OK	3.1 kB
URL GET HTTP/1.1 static.hiworks.com/asp/files/logo.svg IP 45.120.70.166:443 ASN #3786 LG DACOM Corporation Requested by https://login.office.hiworks.com/ Certificate IssuerGlobalSign nv-sa Subject.hiworks.com Fingerprint14:46:85:99:EE:D7:70:AB:91:95:01:9C:BE:77:1F:AD:D5:6A:EF:44 ValidityTue, 27 Jun 2023 04:16:13 GMT - Sun, 28 Jul 2024 04:16:12 GMT File type SVG Scalable Vector Graphics image Size 3.1 kB (3135 bytes) Hash 05a188bb5e144928969b147d04d9fae6 19acef3d76f5ba967e63a0d49596a13d2e4649c6 cbf30be370f276fd31da9c07ad463521f0596aecbebf0aa08f6f1129c4690fe7 HTTP Headers `GET /asp/files/logo.svg HTTP/1.1 Host: static.hiworks.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://login.office.hiworks.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK server: nginx date: Tue, 16 Jan 2024 23:36:53 GMT content-type: image/svg+xml last-modified: Mon, 15 Jan 2024 04:24:53 GMT transfer-encoding: chunked etag: W/"65a4b395-c3f" content-encoding: gzip set-cookie: lbg_8_1=lbg_8_1_to_10.4.96.158; path=/`

	GET login.office.hiworks.com/favicon.ico	143.204.55.56	200 OK	32 kB
URL GET HTTP/2 login.office.hiworks.com/favicon.ico IP 143.204.55.56:443 ASN #16509 AMAZON-02 Requested by https://login.office.hiworks.com/ Certificate IssuerGlobalSign nv-sa Subject.office.hiworks.com Fingerprint92:9B:4C:C0:B2:18:35:FA:19:13:34:E4:98:CD:21:71:23:D5:15:71 ValidityThu, 11 May 2023 01:11:35 GMT - Tue, 11 Jun 2024 01:11:34 GMT File type MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel Size 32 kB (32038 bytes) Hash a451a2d7276bfdbc84574dcb6feae98f f51b6e144445f8b71bb3e313379e6e9094929ec2 644f0911d30b968d2d35e92e9225253012b358fac7f6005e756a9ddb84498679 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: login.office.hiworks.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://login.office.hiworks.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: image/x-icon date: Tue, 16 Jan 2024 23:36:51 GMT last-modified: Mon, 27 Nov 2023 08:22:02 GMT etag: W/"656451aa-7d26" content-encoding: gzip vary: Accept-Encoding x-cache: Miss from cloudfront via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: b05UgJnORAPhzrUWe439H5AySNdSHF2dkUh_YOsSovjA4h3lFZgx0A== X-Firefox-Spdy: h2`

	GET login.office.hiworks.com/	143.204.55.56	200 OK	1.7 kB
URL User Request GET HTTP/2 login.office.hiworks.com/ IP 143.204.55.56:443 ASN #16509 AMAZON-02 Certificate IssuerGlobalSign nv-sa Subject.office.hiworks.com Fingerprint92:9B:4C:C0:B2:18:35:FA:19:13:34:E4:98:CD:21:71:23:D5:15:71 ValidityThu, 11 May 2023 01:11:35 GMT - Tue, 11 Jun 2024 01:11:34 GMT File type HTML document, Unicode text, UTF-8 text, with very long lines (1732), with no line terminators Size 1.7 kB (1666 bytes) Hash 4b58225ca0c02e0b79d5cb4bf8e9329b 218ef96f447b0b848a1e0e20189fc410bb85e352 10df5891d852801d7c820875c3b87a7d28bd2e6e116c8b76b216f4c899739aae HTTP Headers GET / HTTP/1.1 Host: login.office.hiworks.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mail.office.hiworks.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Tue, 16 Jan 2024 23:36:49 GMT last-modified: Mon, 27 Nov 2023 08:22:02 GMT etag: W/"656451aa-682" cache-control: no-cache, no-store, must-revalidate content-encoding: gzip vary: Accept-Encoding x-cache: Miss from cloudfront via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: zeyZt59JGm-Q80K0RN_DV3qTs-g1AKbvNUI9_bEBuEe3hfwA_pGhbw== X-Firefox-Spdy: h2`

	GET login.office.hiworks.com/assets/index-ca98c1d4.css	143.204.55.56	200 OK	17 kB
URL GET HTTP/2 login.office.hiworks.com/assets/index-ca98c1d4.css IP 143.204.55.56:443 ASN #16509 AMAZON-02 Requested by https://login.office.hiworks.com/ Certificate IssuerGlobalSign nv-sa Subject.office.hiworks.com Fingerprint92:9B:4C:C0:B2:18:35:FA:19:13:34:E4:98:CD:21:71:23:D5:15:71 ValidityThu, 11 May 2023 01:11:35 GMT - Tue, 11 Jun 2024 01:11:34 GMT File type Size 17 kB (16846 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /assets/index-ca98c1d4.css HTTP/1.1 Host: login.office.hiworks.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://login.office.hiworks.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: text/css date: Tue, 16 Jan 2024 23:36:49 GMT last-modified: Mon, 27 Nov 2023 08:22:02 GMT etag: W/"656451aa-41ce" content-encoding: gzip vary: Accept-Encoding x-cache: Miss from cloudfront via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: 2GYH-Viye9SePGNgEqmOLiovMiqpuoLWCtiPSFqN2llOWfqKljXhzA== X-Firefox-Spdy: h2`

	GET static.hiworks.com/asp/files/logo.svg	0.0.0.0		0 B
URL GET static.hiworks.com/asp/files/logo.svg IP 0.0.0.0:0 ASN #0 Requested by https://login.office.hiworks.com/ File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /asp/files/logo.svg HTTP/1.1 Host: static.hiworks.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://login.office.hiworks.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (10)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL OPTIONS HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL OPTIONS HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL POST HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP