Submitted URL: http://wizardpayroll.com.ar/
Effective URL: https://wizardpayroll.com.ar/Wizard/Login
Submission: On November 08 via automatic, source openphish — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 157.55.192.77, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is wizardpayroll.com.ar.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 2nd 2024. Valid for: a year.
This is the only time wizardpayroll.com.ar was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 157.55.192.77 8075 (MICROSOFT...)
1 200.5.78.156 20117 (HSBC BANK...)
13 2
Apex Domain
Subdomains
Transfer
13 wizardpayroll.com.ar
wizardpayroll.com.ar
742 KB
1 hsbc.com.ar
www.argentina.hsbc.com.ar — Cisco Umbrella Rank: 832792
19 KB
13 2
Domain Requested by
13 wizardpayroll.com.ar 1 redirects wizardpayroll.com.ar
1 www.argentina.hsbc.com.ar wizardpayroll.com.ar
13 2

This site contains no links.

Subject Issuer Validity Valid
wizardpayroll.com.ar
Sectigo RSA Domain Validation Secure Server CA
2024-07-02 -
2025-06-27
a year crt.sh
argentina.hsbc.com.ar
DigiCert EV RSA CA G2
2024-07-10 -
2025-08-10
a year crt.sh

This page contains 1 frames:

Primary Page: https://wizardpayroll.com.ar/Wizard/Login
Frame ID: 0F35580E86330BD31C55436E549A2ECE
Requests: 13 HTTP requests in this frame

Screenshot

Page Title

HSBC Wizard Payroll

Page URL History Show full URLs

  1. http://wizardpayroll.com.ar/ HTTP 307
    https://wizardpayroll.com.ar/ HTTP 302
    https://wizardpayroll.com.ar/Wizard/Login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • dataTables.*\.js

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

761 kB
Transfer

757 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wizardpayroll.com.ar/ HTTP 307
    https://wizardpayroll.com.ar/ HTTP 302
    https://wizardpayroll.com.ar/Wizard/Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Login
wizardpayroll.com.ar/Wizard/
Redirect Chain
  • http://wizardpayroll.com.ar/
  • https://wizardpayroll.com.ar/
  • https://wizardpayroll.com.ar/Wizard/Login
5 KB
5 KB
Document
General
Full URL
https://wizardpayroll.com.ar/Wizard/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
157.55.192.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
6e3723fc4aafa3153d3faeadbb1ccf0130c339c54acaa904aaab6b5e57efe244

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
private
Content-Length
4853
Content-Type
text/html; charset=utf-8
Date
Fri, 08 Nov 2024 14:09:20 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET

Redirect headers

Cache-Control
private
Content-Length
130
Content-Type
text/html; charset=utf-8
Date
Fri, 08 Nov 2024 14:09:20 GMT
Location
/Wizard/Login
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET
datatablescss
wizardpayroll.com.ar/bundles/
27 KB
28 KB
Stylesheet
General
Full URL
https://wizardpayroll.com.ar/bundles/datatablescss?v=LZqg3cMIn2xrqB5cXiTR0ZL5_WacvWz-wHAaeGZ16Pk1
Requested by
Host: wizardpayroll.com.ar
URL: https://wizardpayroll.com.ar/Wizard/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
157.55.192.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
369a222a25bb802b1b3a7a04a4f6ae4c8a51da918b6452758c7724059673de07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wizardpayroll.com.ar/Wizard/Login

Response headers

Cache-Control
public
X-AspNet-Version
4.0.30319
Expires
Sat, 08 Nov 2025 14:09:20 GMT
Content-Length
27844
Date
Fri, 08 Nov 2024 14:09:20 GMT
Content-Type
text/css; charset=utf-8
Last-Modified
Fri, 08 Nov 2024 14:09:20 GMT
Vary
User-Agent
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
css
wizardpayroll.com.ar/Content/
348 KB
349 KB
Stylesheet
General
Full URL
https://wizardpayroll.com.ar/Content/css?v=ij9sY5WG9bA_A28lhJNT8BPHalltuIVKeQiUGrNrZUM1
Requested by
Host: wizardpayroll.com.ar
URL: https://wizardpayroll.com.ar/Wizard/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
157.55.192.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3d3403ed9551bf40f99c6989c8cc4428b6c03b0574d8b1cf85249fb6fbf8939d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wizardpayroll.com.ar/Wizard/Login

Response headers

Cache-Control
public
X-AspNet-Version
4.0.30319
Expires
Sat, 08 Nov 2025 14:09:21 GMT
Content-Length
356852
Date
Fri, 08 Nov 2024 14:09:20 GMT
Content-Type
text/css; charset=utf-8
Last-Modified
Fri, 08 Nov 2024 14:09:21 GMT
Vary
User-Agent
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
modernizr
wizardpayroll.com.ar/bundles/
11 KB
11 KB
Script
General
Full URL
https://wizardpayroll.com.ar/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1
Requested by
Host: wizardpayroll.com.ar
URL: https://wizardpayroll.com.ar/Wizard/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
157.55.192.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wizardpayroll.com.ar/Wizard/Login

Response headers

Cache-Control
public
X-AspNet-Version
4.0.30319
Expires
Sat, 08 Nov 2025 14:09:21 GMT
Content-Length
11095
Date
Fri, 08 Nov 2024 14:09:20 GMT
Content-Type
text/javascript; charset=utf-8
Last-Modified
Fri, 08 Nov 2024 14:09:21 GMT
Vary
User-Agent
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
logo.png
wizardpayroll.com.ar/images/
3 KB
3 KB
Image
General
Full URL
https://wizardpayroll.com.ar/images/logo.png
Requested by
Host: wizardpayroll.com.ar
URL: https://wizardpayroll.com.ar/Wizard/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
157.55.192.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c0d5b1284f867b8d7e4bf70fde3d12434d5227f1827ccb375e532c92e50a342c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wizardpayroll.com.ar/Wizard/Login

Response headers

Cache-Control
public,max-age=31536000
ETag
"0772936e733da1:0"
Accept-Ranges
bytes
Content-Length
2639
Date
Fri, 08 Nov 2024 14:09:20 GMT
Content-Type
image/png
Last-Modified
Thu, 21 Dec 2023 08:25:10 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
jquery
wizardpayroll.com.ar/bundles/
86 KB
86 KB
Script
General
Full URL
https://wizardpayroll.com.ar/bundles/jquery?v=8Oos0avDZyPg-cbyVzvkIfERIE1DGSe3sRQdCSYrgEQ1
Requested by
Host: wizardpayroll.com.ar
URL: https://wizardpayroll.com.ar/Wizard/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
157.55.192.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c6c9c55306e0cc0fbd50b3488121de96630e66f6744a6538e97e982d64144889

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wizardpayroll.com.ar/Wizard/Login

Response headers

Cache-Control
public
X-AspNet-Version
4.0.30319
Expires
Sat, 08 Nov 2025 14:09:21 GMT
Content-Length
88173
Date
Fri, 08 Nov 2024 14:09:20 GMT
Content-Type
text/javascript; charset=utf-8
Last-Modified
Fri, 08 Nov 2024 14:09:21 GMT
Vary
User-Agent
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
bootstrap
wizardpayroll.com.ar/bundles/
38 KB
39 KB
Script
General
Full URL
https://wizardpayroll.com.ar/bundles/bootstrap?v=M4Nk6kIOwMFflsEKET0iPL9i5YBqbzMzvUOrd8gyCnw1
Requested by
Host: wizardpayroll.com.ar
URL: https://wizardpayroll.com.ar/Wizard/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
157.55.192.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a71fd6207f6416a9147eab09c1cafe22c8104507dd6391248ea2921bf7d8d78b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wizardpayroll.com.ar/Wizard/Login

Response headers

Cache-Control
public
X-AspNet-Version
4.0.30319
Expires
Sat, 08 Nov 2025 14:09:21 GMT
Content-Length
39393
Date
Fri, 08 Nov 2024 14:09:21 GMT
Content-Type
text/javascript; charset=utf-8
Last-Modified
Fri, 08 Nov 2024 14:09:21 GMT
Vary
User-Agent
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
datatablesjs
wizardpayroll.com.ar/bundles/
86 KB
86 KB
Script
General
Full URL
https://wizardpayroll.com.ar/bundles/datatablesjs?v=StJOytAj9Nv7aY0hOw18FcmvNKcst8MR6FnwLxrZ0aA1
Requested by
Host: wizardpayroll.com.ar
URL: https://wizardpayroll.com.ar/Wizard/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
157.55.192.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ac82a03de54fcb70cec26ae7f0f86d1652560262e467c705762fdcbf8e41dcd1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wizardpayroll.com.ar/Wizard/Login

Response headers

Cache-Control
public
X-AspNet-Version
4.0.30319
Expires
Sat, 08 Nov 2025 14:09:21 GMT
Content-Length
87813
Date
Fri, 08 Nov 2024 14:09:21 GMT
Content-Type
text/javascript; charset=utf-8
Last-Modified
Fri, 08 Nov 2024 14:09:21 GMT
Vary
User-Agent
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
sucursales.js
www.argentina.hsbc.com.ar/es3/js/
18 KB
19 KB
Script
General
Full URL
https://www.argentina.hsbc.com.ar/es3/js/sucursales.js
Requested by
Host: wizardpayroll.com.ar
URL: https://wizardpayroll.com.ar/Wizard/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.5.78.156 , Argentina, ASN20117 (HSBC BANK Argentina S.A., AR),
Reverse DNS
Software
/
Resource Hash
c63412d55dfcd4ffc1b27f574e41a2ff981476c0188c1974dd1e1437ec368e4b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wizardpayroll.com.ar/

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
18613
ETag
"a520d05d3577d71:0"
Date
Fri, 08 Nov 2024 14:09:23 GMT
Content-Type
application/javascript
Last-Modified
Mon, 12 Jul 2021 15:48:32 GMT
UniversNextPro-Regular.woff2
wizardpayroll.com.ar/fonts/
40 KB
41 KB
Font
General
Full URL
https://wizardpayroll.com.ar/fonts/UniversNextPro-Regular.woff2
Requested by
Host: wizardpayroll.com.ar
URL: https://wizardpayroll.com.ar/Content/css?v=ij9sY5WG9bA_A28lhJNT8BPHalltuIVKeQiUGrNrZUM1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
157.55.192.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c39a38d9f5f8349db03f12ccac578d78fcb95da2aab833915dd65baab8d95e45

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://wizardpayroll.com.ar
Referer
https://wizardpayroll.com.ar/Content/css?v=ij9sY5WG9bA_A28lhJNT8BPHalltuIVKeQiUGrNrZUM1

Response headers

Cache-Control
public,max-age=31536000
ETag
"0da195ee933da1:0"
Accept-Ranges
bytes
Content-Length
41176
Date
Fri, 08 Nov 2024 14:09:22 GMT
Content-Type
application/font-woff2
Last-Modified
Thu, 21 Dec 2023 08:40:36 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
UniversNextPro-Bold.woff2
wizardpayroll.com.ar/fonts/
39 KB
39 KB
Font
General
Full URL
https://wizardpayroll.com.ar/fonts/UniversNextPro-Bold.woff2
Requested by
Host: wizardpayroll.com.ar
URL: https://wizardpayroll.com.ar/Content/css?v=ij9sY5WG9bA_A28lhJNT8BPHalltuIVKeQiUGrNrZUM1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
157.55.192.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8ea0f81d97354b50fa7ea63aed423065ae2d6e6f86406fca26b0c382bb156659

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://wizardpayroll.com.ar
Referer
https://wizardpayroll.com.ar/Content/css?v=ij9sY5WG9bA_A28lhJNT8BPHalltuIVKeQiUGrNrZUM1

Response headers

Cache-Control
public,max-age=31536000
ETag
"0da195ee933da1:0"
Accept-Ranges
bytes
Content-Length
39948
Date
Fri, 08 Nov 2024 14:09:22 GMT
Content-Type
application/font-woff2
Last-Modified
Thu, 21 Dec 2023 08:40:36 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
UniversNextPro-Medium.woff2
wizardpayroll.com.ar/fonts/
40 KB
41 KB
Font
General
Full URL
https://wizardpayroll.com.ar/fonts/UniversNextPro-Medium.woff2
Requested by
Host: wizardpayroll.com.ar
URL: https://wizardpayroll.com.ar/Content/css?v=ij9sY5WG9bA_A28lhJNT8BPHalltuIVKeQiUGrNrZUM1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
157.55.192.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b729d4900dd7ebeaa864048e6c91751615b1d92677510480a1f195356dc2c48d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://wizardpayroll.com.ar
Referer
https://wizardpayroll.com.ar/Content/css?v=ij9sY5WG9bA_A28lhJNT8BPHalltuIVKeQiUGrNrZUM1

Response headers

Cache-Control
public,max-age=31536000
ETag
"074b5fe933da1:0"
Accept-Ranges
bytes
Content-Length
41444
Date
Fri, 08 Nov 2024 14:09:22 GMT
Content-Type
application/font-woff2
Last-Modified
Thu, 21 Dec 2023 08:40:38 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
favicon.ico
wizardpayroll.com.ar/
15 KB
15 KB
Other
General
Full URL
https://wizardpayroll.com.ar/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
157.55.192.77 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
6792c4c37672b1a8d6c2842f403c70c85f3b66f3ebaa434b816b5cd25203113b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wizardpayroll.com.ar/Wizard/Login

Response headers

Cache-Control
public,max-age=31536000
ETag
"0737fe3a23cda1:0"
Accept-Ranges
bytes
Content-Length
15086
Date
Fri, 08 Nov 2024 14:09:24 GMT
Content-Type
image/x-icon
Last-Modified
Mon, 01 Jan 2024 11:08:46 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| html5 object| Modernizr function| $ function| jQuery function| DataTable object| mainList object| mainCodeList object| mainListSecond object| mainCodeListSecond function| changeSecondOption function| getCookie function| changeThirdOption object| sucursales function| numberOnly function| charOnly function| charNumberOnly function| goTo function| openConfirm function| confirmOk function| openAlert

0 Cookies

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://wizardpayroll.com.ar/Wizard/Login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o