gophish-chas.msappproxy.net Open in urlscan Pro
13.80.70.51  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response gophish-chas.msappproxy.net/	15 KB 5 KB	413ms 275ms	Document text/html	13.80.70.51 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://gophish-chas.msappproxy.net/?rid=wcKfMrf Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 13.80.70.51 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 80710ef4222b1f1266a77b60ed64c1205099321bf32ac6af110e3b09e980e44d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Mon, 07 Oct 2024 09:15:40 GMT Nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.2,"failure_fraction":1.0} Report-To {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://ffde.nelreports.net/api/report?cat=proxy-appproxy-WEUR-AM3P-1"}]} Transfer-Encoding chunked Vary Accept-Encoding X-Server gophish x-ms-proxy-app-id d169ba0b-872d-4963-9ce3-555e4db7d717 x-ms-proxy-connector-id 5dfa9b03-458c-4a1f-9888-c91d79d12d3b x-ms-proxy-data-center WEUR x-ms-proxy-group-id a9b8155c-49f9-414c-9c5c-58e9acec37e1 x-ms-proxy-service-name proxy-appproxy-WEUR-AM3P-1 x-ms-proxy-subscription-id de209969-e6fc-4d47-b2a0-f9f3ecb3632f x-ms-proxy-transaction-id fff9189a-8fb4-414e-a8dd-3f32b5eabdd1
GET H/1.1	200 OK	check_brower_tls.js Show response www.parcelforce.net/	602 B 1 KB	156ms 72ms	Script text/javascript	78.153.247.10 NEOPOST
General Check archive.org Show headers Download Go to Full URL https://www.parcelforce.net/check_brower_tls.js Requested by Host: gophish-chas.msappproxy.net URL: https://gophish-chas.msappproxy.net/?rid=wcKfMrf Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 78.153.247.10 , France, ASN62057 (NEOPOST, FR), Reverse DNS Software / Resource Hash 502b9f6b9884bf768e0e8bead9d7dd02fbbe14f175c08007dfc3d933ef1fa3be Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gophish-chas.msappproxy.net/ Response headers Cache-Control max-age=900, private Content-Encoding gzip ETag "25a-62356dc08fc80-gzip" Connection close Expires Mon, 07 Oct 2024 09:30:41 GMT Accept-Ranges bytes Content-Length 361 Date Mon, 07 Oct 2024 09:15:41 GMT Last-Modified Mon, 30 Sep 2024 14:17:06 GMT Vary Accept-Encoding Content-Type text/javascript
GET H/1.1	200 OK	login.js Show response www.parcelforce.net/	28 KB 6 KB	158ms 77ms	Script text/javascript	78.153.247.10 NEOPOST
General Check archive.org Show headers Download Go to Full URL https://www.parcelforce.net/login.js Requested by Host: gophish-chas.msappproxy.net URL: https://gophish-chas.msappproxy.net/?rid=wcKfMrf Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 78.153.247.10 , France, ASN62057 (NEOPOST, FR), Reverse DNS Software / Resource Hash 9f0755e95e376975f6fd3f4f2d70217811b46b4e6e9751c80bacf8b855b195a4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gophish-chas.msappproxy.net/ Response headers Cache-Control max-age=900, private Content-Encoding gzip ETag "6e6e-6238d245f224c-gzip" Connection close Expires Mon, 07 Oct 2024 09:30:41 GMT Accept-Ranges bytes Content-Length 5716 Date Mon, 07 Oct 2024 09:15:41 GMT Last-Modified Thu, 03 Oct 2024 07:02:47 GMT Vary Accept-Encoding Content-Type text/javascript
GET H/1.1	200 OK	data.js Show response www.parcelforce.net/	25 KB 7 KB	141ms 60ms	Script text/javascript	78.153.247.10 NEOPOST
General Check archive.org Show headers Download Go to Full URL https://www.parcelforce.net/data.js Requested by Host: gophish-chas.msappproxy.net URL: https://gophish-chas.msappproxy.net/?rid=wcKfMrf Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 78.153.247.10 , France, ASN62057 (NEOPOST, FR), Reverse DNS Software / Resource Hash 93bea83361b465337ae9d867bc06e45e6925366273dc3fdb0346676a34298e11 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gophish-chas.msappproxy.net/ Response headers Cache-Control max-age=900, private Content-Encoding gzip ETag "63cd-62356dc08fc80-gzip" Connection close Expires Mon, 07 Oct 2024 09:30:41 GMT Accept-Ranges bytes Content-Length 6462 Date Mon, 07 Oct 2024 09:15:41 GMT Last-Modified Mon, 30 Sep 2024 14:17:06 GMT Vary Accept-Encoding Content-Type text/javascript
GET H/1.1	200 OK	pw_banner.jpg www.parcelforce.net/images/	22 KB 23 KB	151ms 63ms	Image image/jpeg	78.153.247.10 NEOPOST
General Check archive.org Show headers Download Go to Show image Full URL https://www.parcelforce.net/images/pw_banner.jpg Requested by Host: gophish-chas.msappproxy.net URL: https://gophish-chas.msappproxy.net/?rid=wcKfMrf Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 78.153.247.10 , France, ASN62057 (NEOPOST, FR), Reverse DNS Software / Resource Hash b61b89f5682588e6bf2e82ec9e6f57714f329829fd070bfb25f5d7a210813716 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gophish-chas.msappproxy.net/ Response headers Accept-Ranges bytes Content-Length 22547 Date Mon, 07 Oct 2024 09:15:41 GMT ETag "5813-62356dc08fc80" Last-Modified Mon, 30 Sep 2024 14:17:06 GMT Content-Type image/jpeg Connection close
GET H/1.1	200 OK	1_pixel.gif www.parcelforce.net/images/	43 B 784 B	125ms 57ms	Image image/gif	78.153.247.10 NEOPOST
General Check archive.org Show headers Download Go to Show image Full URL https://www.parcelforce.net/images/1_pixel.gif Requested by Host: gophish-chas.msappproxy.net URL: https://gophish-chas.msappproxy.net/?rid=wcKfMrf Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 78.153.247.10 , France, ASN62057 (NEOPOST, FR), Reverse DNS Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gophish-chas.msappproxy.net/ Response headers Accept-Ranges bytes Content-Length 43 Date Mon, 07 Oct 2024 09:15:41 GMT ETag "2b-62356dc08fc80" Last-Modified Mon, 30 Sep 2024 14:17:06 GMT Content-Type image/gif Connection close
GET H/1.1	200 OK	green_light.gif www.parcelforce.net/images/	116 B 858 B	127ms 59ms	Image image/gif	78.153.247.10 NEOPOST
General Check archive.org Show headers Download Go to Show image Full URL https://www.parcelforce.net/images/green_light.gif Requested by Host: gophish-chas.msappproxy.net URL: https://gophish-chas.msappproxy.net/?rid=wcKfMrf Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 78.153.247.10 , France, ASN62057 (NEOPOST, FR), Reverse DNS Software / Resource Hash 78dcf4c275c9602a00c177221e6b8aad4b1275e71df4cda6ddaf0b9b90178b4f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gophish-chas.msappproxy.net/ Response headers Accept-Ranges bytes Content-Length 116 Date Mon, 07 Oct 2024 09:15:42 GMT ETag "74-62356dc08fc80" Last-Modified Mon, 30 Sep 2024 14:17:06 GMT Content-Type image/gif Connection close
GET H/1.1	200 OK	yellow_light.gif www.parcelforce.net/images/	116 B 858 B	132ms 61ms	Image image/gif	78.153.247.10 NEOPOST
General Check archive.org Show headers Download Go to Show image Full URL https://www.parcelforce.net/images/yellow_light.gif Requested by Host: gophish-chas.msappproxy.net URL: https://gophish-chas.msappproxy.net/?rid=wcKfMrf Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 78.153.247.10 , France, ASN62057 (NEOPOST, FR), Reverse DNS Software / Resource Hash 2c6d50f47b4f9a48e6b949770c9199471e4c01e0382c5797180b8feeae2ea974 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gophish-chas.msappproxy.net/ Response headers Accept-Ranges bytes Content-Length 116 Date Mon, 07 Oct 2024 09:15:42 GMT ETag "74-62356dc08fc80" Last-Modified Mon, 30 Sep 2024 14:17:06 GMT Content-Type image/gif Connection close
GET H/1.1	200 OK	red_light.gif www.parcelforce.net/images/	116 B 858 B	141ms 69ms	Image image/gif	78.153.247.10 NEOPOST
General Check archive.org Show headers Download Go to Show image Full URL https://www.parcelforce.net/images/red_light.gif Requested by Host: gophish-chas.msappproxy.net URL: https://gophish-chas.msappproxy.net/?rid=wcKfMrf Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 78.153.247.10 , France, ASN62057 (NEOPOST, FR), Reverse DNS Software / Resource Hash 47cc79f48e17025a391d2ce17fd2fdfeb3eb07619575c3a41d7a2689fcb7a11c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gophish-chas.msappproxy.net/ Response headers Accept-Ranges bytes Content-Length 116 Date Mon, 07 Oct 2024 09:15:42 GMT ETag "74-62356dc08fc80" Last-Modified Mon, 30 Sep 2024 14:17:06 GMT Content-Type image/gif Connection close
GET H/1.1	404 Not Found	favicon.ico gophish-chas.msappproxy.net/	19 B 840 B	61ms 61ms	Other text/plain	13.80.70.51 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://gophish-chas.msappproxy.net/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 13.80.70.51 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gophish-chas.msappproxy.net/?rid=wcKfMrf Response headers Nel {"report_to":"network-errors","max_age":86400,"success_fraction":0.2,"failure_fraction":1.0} x-ms-proxy-service-name proxy-appproxy-WEUR-AM3P-1 x-ms-proxy-data-center WEUR x-ms-proxy-app-id d169ba0b-872d-4963-9ce3-555e4db7d717 x-ms-proxy-transaction-id 2e528e64-804d-41d2-a4cb-ddf7721fef35 X-Content-Type-Options nosniff Report-To {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://ffde.nelreports.net/api/report?cat=proxy-appproxy-WEUR-AM3P-1"}]} x-ms-proxy-connector-id 5dfa9b03-458c-4a1f-9888-c91d79d12d3b Content-Length 19 x-ms-proxy-group-id a9b8155c-49f9-414c-9c5c-58e9acec37e1 x-ms-proxy-subscription-id de209969-e6fc-4d47-b2a0-f9f3ecb3632f Date Mon, 07 Oct 2024 09:15:41 GMT Content-Type text/plain; charset=utf-8 Vary Accept-Encoding

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| fdat object| lexicon string| lang string| site string| config_type number| first_page object| today_date number| today_day number| today_month number| today_year boolean| page_xlations object| settings_ref object| settings_desc function| hideProgress function| removeBackgroundColor function| getVersionBrowser function| initPage function| valLogin function| setValue boolean| ns string| browserVer object| greenLight object| yellowLight object| yellowLights object| redLight object| redLights string| browser_download_text function| ChangePic function| openBandwidthCheckPage function| openPDFCheckPage function| openCookieInfo function| resetPassword function| resendConfirmation function| displayErrorNoXlate function| focusElement function| getBrowser function| getBrowserVersion function| getValue function| _xlate_with_html function| _xlate_with_literal function| xlate string| WHITESPACE function| isEmpty function| copyObject function| dumper function| objToJson function| _getDumperData function| _formatObj function| _calcPadding function| _insertLineBreaks function| _formatDumperData function| isNull function| isUndefined function| isNullOrUndefined function| isBoolean function| isString function| isRegExp function| isNumber function| isFunction function| isArray function| isGenericObject function| isSubclassObject function| map function| grep function| array_search function| hash_keys function| hash_has_keys function| hash_values function| array_contains function| translateXMLObjToJSObj function| translateSegmentedJSONXMLObjToJSObj function| convertKeyvalArraysToHash function| convertKeyvalArrayToHash function| convertHashToKeyvalArray function| keyvalArrayLookup function| checkForHashEquality function| alertp function| toFixedTruncated function| dumperForm function| getChildNodesRecursively function| charCodeIn function| loadInMainWindow

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gophish-chas.msappproxy.net/	1969-12-31 23:59:59	Name: AzureAppProxyAnalyticCookie_d169ba0b-872d-4963-9ce3-555e4db7d717_https_1.3 Value: MGD:MIIBwAYJKoZIhvcNAQcDoIIBsTCCAa0CAQIxggEzooIBLwIBBDCB8gRUTAAAAAAAAAABAAAAS0RTSwYAAABqAQAAGAAAAAkAAACQzkM4rtqVel8AakHaL5XlIAAAANAu0NesyGnPD3UrqFrvK5JCnP8fHrdlyLHvxGFiGXk9MIGZBgkrBgEEAYI3SgEwgYsGCisGAQQBgjdKAQ0wfTB7MHkMBERTVFMMcWV1cm9wZXdlc3QtZGtkcy5ka2RzLmNvcmUud2luZG93cy5uZXQ7aHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvbmFtZTtjd2FwcHJveHlka2RzZXVyMAsGCWCGSAFlAwQBLQQo1YcFF8ppdvu2p4NHS9Ix694Fv/gGZayLnIjFLKx8jmF4yTWTNPSmZzBxBgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEuMBEEDCRMNSCtnkw5iiXY5QIBEIBEk6iGjhZ3qMYA6RGyEba+DcCIPYUDRn2p785w68srvziieTHKmBGi4UpWZBl/xG/a0OUdEGKKcVCWOZq8VU/0SoDN9hg=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gophish-chas.msappproxy.net/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gophish-chas.msappproxy.net
www.parcelforce.net
13.80.70.51
78.153.247.10
2c6d50f47b4f9a48e6b949770c9199471e4c01e0382c5797180b8feeae2ea974
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
47cc79f48e17025a391d2ce17fd2fdfeb3eb07619575c3a41d7a2689fcb7a11c
502b9f6b9884bf768e0e8bead9d7dd02fbbe14f175c08007dfc3d933ef1fa3be
78dcf4c275c9602a00c177221e6b8aad4b1275e71df4cda6ddaf0b9b90178b4f
80710ef4222b1f1266a77b60ed64c1205099321bf32ac6af110e3b09e980e44d
93bea83361b465337ae9d867bc06e45e6925366273dc3fdb0346676a34298e11
9f0755e95e376975f6fd3f4f2d70217811b46b4e6e9751c80bacf8b855b195a4
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
b61b89f5682588e6bf2e82ec9e6f57714f329829fd070bfb25f5d7a210813716