| bojanglesproam.com/dayo/Evoquedcs/0tgl/Y2NsZXZlbGFuZEBldm9xdWVkY3MuY29t | 172.93.120.161 | | 0 B |
URL bojanglesproam.com/dayo/Evoquedcs/0tgl/Y2NsZXZlbGFuZEBldm9xdWVkY3MuY29t IP172.93.120.161:0 ASN#393960 HOST4GEEKS-LLC
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dayo/Evoquedcs/0tgl/Y2NsZXZlbGFuZEBldm9xdWVkY3MuY29t HTTP/1.1
Host: bojanglesproam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 16:22:04 GMT
Server: Apache
refresh: 0;url=https://travellphp.co/?qzmeghbs&qrc=ccleveland@evoquedcs.com
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| travellphp.co/?qzmeghbs&qrc=ccleveland@evoquedcs.com | 5.230.36.111 | 302 Found | 0 B |
URL User Request GET HTTP/1.1travellphp.co/?qzmeghbs&qrc=ccleveland@evoquedcs.com IP5.230.36.111:443
CertificateIssuerLet's Encrypt Subjecttravellphp.co Fingerprint3B:28:3D:D7:29:E4:0C:4C:71:4B:BB:2E:0A:17:D9:E5:D7:9B:AA:E7 ValidityThu, 11 Apr 2024 11:48:30 GMT - Wed, 10 Jul 2024 11:48:29 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook |
GET /?qzmeghbs&qrc=ccleveland@evoquedcs.com HTTP/1.1
Host: travellphp.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Set-Cookie: qPdM=MyM2diz6Djxt; path=/; samesite=none; secure; httponly
qPdM.sig=uLiQD1Cr3p_i5oLKz1OgdrOAMXw; path=/; samesite=none; secure; httponly
location: https://pugetsystems.co?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3B1Z2V0c3lzdGVtcy5jbyIsImRvbWFpbiI6InB1Z2V0c3lzdGVtcy5jbyIsImtleSI6Ik15TTJkaXo2RGp4dCIsInFyYyI6ImNjbGV2ZWxhbmRAZXZvcXVlZGNzLmNvbSIsImlhdCI6MTcxMzI4NDUyNSwiZXhwIjoxNzEzMjg0NjQ1fQ.mnO3BFmMbniL0RHwvNQVAcGXyVsWndzjb-Pr135-WNc
Date: Tue, 16 Apr 2024 16:22:05 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
|
|
| pugetsystems.co/?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3B1Z2V0c3lzdGVtcy5jbyIsImRvbWFpbiI6InB1Z2V0c3lzdGVtcy5jbyIsImtleSI6Ik15TTJkaXo2RGp4dCIsInFyYyI6ImNjbGV2ZWxhbmRAZXZvcXVlZGNzLmNvbSIsImlhdCI6MTcxMzI4NDUyNSwiZXhwIjoxNzEzMjg0NjQ1fQ.mnO3BFmMbniL0RHwvNQVAcGXyVsWndzjb-Pr135-WNc | 5.230.36.111 | 302 Found | 0 B |
URL User Request GET HTTP/1.1pugetsystems.co/?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3B1Z2V0c3lzdGVtcy5jbyIsImRvbWFpbiI6InB1Z2V0c3lzdGVtcy5jbyIsImtleSI6Ik15TTJkaXo2RGp4dCIsInFyYyI6ImNjbGV2ZWxhbmRAZXZvcXVlZGNzLmNvbSIsImlhdCI6MTcxMzI4NDUyNSwiZXhwIjoxNzEzMjg0NjQ1fQ.mnO3BFmMbniL0RHwvNQVAcGXyVsWndzjb-Pr135-WNc IP5.230.36.111:443
CertificateIssuerLet's Encrypt Subjectpugetsystems.co FingerprintE9:DA:86:8E:E5:50:15:CF:30:6F:54:F4:08:6D:D6:26:3A:A5:2D:05 ValidityThu, 11 Apr 2024 11:49:22 GMT - Wed, 10 Jul 2024 11:49:21 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook |
GET /?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3B1Z2V0c3lzdGVtcy5jbyIsImRvbWFpbiI6InB1Z2V0c3lzdGVtcy5jbyIsImtleSI6Ik15TTJkaXo2RGp4dCIsInFyYyI6ImNjbGV2ZWxhbmRAZXZvcXVlZGNzLmNvbSIsImlhdCI6MTcxMzI4NDUyNSwiZXhwIjoxNzEzMjg0NjQ1fQ.mnO3BFmMbniL0RHwvNQVAcGXyVsWndzjb-Pr135-WNc HTTP/1.1
Host: pugetsystems.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Set-Cookie: qPdM=MyM2diz6Djxt; path=/; samesite=none; secure; httponly
qPdM.sig=uLiQD1Cr3p_i5oLKz1OgdrOAMXw; path=/; samesite=none; secure; httponly
location: /?qrc=ccleveland%40evoquedcs.com
Date: Tue, 16 Apr 2024 16:22:05 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
|
|
| pugetsystems.co/?qrc=ccleveland%40evoquedcs.com | 5.230.36.111 | 302 Moved Temporarily | 0 B |
URL User Request GET HTTP/1.1pugetsystems.co/?qrc=ccleveland%40evoquedcs.com IP5.230.36.111:443
CertificateIssuerLet's Encrypt Subjectpugetsystems.co FingerprintE9:DA:86:8E:E5:50:15:CF:30:6F:54:F4:08:6D:D6:26:3A:A5:2D:05 ValidityThu, 11 Apr 2024 11:49:22 GMT - Wed, 10 Jul 2024 11:49:21 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook |
GET /?qrc=ccleveland%40evoquedcs.com HTTP/1.1
Host: pugetsystems.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: qPdM=MyM2diz6Djxt; qPdM.sig=uLiQD1Cr3p_i5oLKz1OgdrOAMXw
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache
Pragma: no-cache
Location: https://pugetsystems.co/owa/?login_hint=ccleveland%40evoquedcs.com
Server: Microsoft-IIS/10.0
request-id: 880931ce-afdc-9f3f-96ce-d906fd0153ff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-FEServer: FR0P281CA0065, FR0P281CA0065
X-RequestId: 46554108-b88e-4a69-8045-6035975a0ccd
X-FEProxyInfo: FR0P281CA0065.DEUP281.PROD.OUTLOOK.COM
X-FEEFZInfo: HHN
MS-CV: zjEJiNyvP5+WztkG/QFT/w.0
X-Powered-By: ASP.NET
Date: Tue, 16 Apr 2024 16:22:05 GMT
Connection: close
Content-Length: 0
Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
|
|
| pugetsystems.co/owa/?login_hint=ccleveland%40evoquedcs.com | 5.230.36.111 | 302 Found | 1.4 kB |
URL User Request GET HTTP/1.1pugetsystems.co/owa/?login_hint=ccleveland%40evoquedcs.com IP5.230.36.111:443
CertificateIssuerLet's Encrypt Subjectpugetsystems.co FingerprintE9:DA:86:8E:E5:50:15:CF:30:6F:54:F4:08:6D:D6:26:3A:A5:2D:05 ValidityThu, 11 Apr 2024 11:49:22 GMT - Wed, 10 Jul 2024 11:49:21 GMT
File typeHTML document, ASCII text, with very long lines (792), with CRLF, LF line terminators Hash9e68cd4a865feae705146ae13802c7ff caca084b3c2fd0e83b56bbff2714be68170c6bbc c7fc843ef47723036e94fd23a8b3c7c965462b4b68bdbc32070416c8cbe5e895
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook |
GET /owa/?login_hint=ccleveland%40evoquedcs.com HTTP/1.1
Host: pugetsystems.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: qPdM=MyM2diz6Djxt; qPdM.sig=uLiQD1Cr3p_i5oLKz1OgdrOAMXw
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
content-length: 1372
Content-Type: text/html; charset=utf-8
Location: https://pugetsystems.co/?j63vqf5h6=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1jY2xldmVsYW5kJTQwZXZvcXVlZGNzLmNvbSZjbGllbnQtcmVxdWVzdC1pZD0xYjY5ZjNjOS0wMWVmLWQxNzYtMDViMy1iZmIwZjA2ZWFjMzAmcHJvdGVjdGVkdG9rZW49dHJ1ZSZjbGFpbXM9JTdiJTIyaWRfdG9rZW4lMjIlM2ElN2IlMjJ4bXNfY2MlMjIlM2ElN2IlMjJ2YWx1ZXMlMjIlM2ElNWIlMjJDUDElMjIlNWQlN2QlN2QlN2Qmbm9uY2U9NjM4NDg4ODEzMjU4NjM4MzYyLjBkY2QyYzU5LTM4ZDgtNGE3Ny05MzdkLWRhY2I2Yjk2ZmNkNiZzdGF0ZT1EWXRCRHNJZ0VBQkIzLUxKMENMUVpUazBQc1hRWGRRbUNERnFfWDczTUpPNWpGWktIWVdEb0sxSVJmQVlFUEhpM1lUU0h0eGdtZGpSbEl4SFJoTnlqQ2I1eUlZekxiQWt1Qk9EbHZjODluOGVyN1VfMW5aN3J1MDdFOVd5bFpvYm40SXRXM19fQ3RObm9QN2FBUQ==
Server: Microsoft-IIS/10.0
request-id: 1b69f3c9-01ef-d176-05b3-bfb0f06eac30
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Alt-Svc: h3=":443";ma=2592000,h3-29=":443";ma=2592000
X-CalculatedBETarget: FR0P281MB1611.DEUP281.PROD.OUTLOOK.COM
X-BackEndHttpStatus: 302
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: ClientId=A562510DCF084E8C81AA43256A0C9C85; expires=Wed, 16-Apr-2025 16:22:05 GMT; path=/;SameSite=None; secure
ClientId=A562510DCF084E8C81AA43256A0C9C85; expires=Wed, 16-Apr-2025 16:22:05 GMT; path=/;SameSite=None; secure
OIDC=1; expires=Wed, 16-Oct-2024 16:22:05 GMT; path=/;SameSite=None; secure; HttpOnly
RoutingKeyCookie=; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.token.v1=; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.token.v1=; domain=pugetsystems.co; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.id_token.v1=; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.code.v1=; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.idp_nonce.v1=; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.idp_correlation_id=; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.tokenPostPath=; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.id_token.v1=; domain=pugetsystems.co; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.code.v1=; domain=pugetsystems.co; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.idp_nonce.v1=; domain=pugetsystems.co; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.idp_correlation_id=; domain=pugetsystems.co; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.tokenPostPath=; domain=pugetsystems.co; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.nonce.v3.OsEZS40WotwAwBv6ckaxvuauiuWvNSuRZniwOzpBfQQ=638488813258638362.0dcd2c59-38d8-4a77-937d-dacb6b96fcd6; expires=Tue, 16-Apr-2024 17:22:05 GMT; path=/;SameSite=None; secure; HttpOnly
HostSwitchPrg=; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OptInPrg=; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
SuiteServiceProxyKey=; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
ClientId=A562510DCF084E8C81AA43256A0C9C85; expires=Wed, 16-Apr-2025 16:22:05 GMT; path=/;SameSite=None; secure
OIDC=1; expires=Wed, 16-Oct-2024 16:22:05 GMT; path=/;SameSite=None; secure; HttpOnly
RoutingKeyCookie=; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.token.v1=; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.token.v1=; domain=pugetsystems.co; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.id_token.v1=; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.code.v1=; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.idp_nonce.v1=; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.idp_correlation_id=; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.tokenPostPath=; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.id_token.v1=; domain=pugetsystems.co; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.code.v1=; domain=pugetsystems.co; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.idp_nonce.v1=; domain=pugetsystems.co; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.idp_correlation_id=; domain=pugetsystems.co; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.tokenPostPath=; domain=pugetsystems.co; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OpenIdConnect.nonce.v3.OsEZS40WotwAwBv6ckaxvuauiuWvNSuRZniwOzpBfQQ=638488813258638362.0dcd2c59-38d8-4a77-937d-dacb6b96fcd6; expires=Tue, 16-Apr-2024 17:22:05 GMT; path=/;SameSite=None; secure; HttpOnly
HostSwitchPrg=; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
OptInPrg=; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
SuiteServiceProxyKey=; expires=Sat, 16-Apr-1994 16:22:05 GMT; path=/; secure
X-OWA-RedirectHistory=ArLym14BGoRXWzFe3Ag; expires=Tue, 16-Apr-2024 22:24:05 GMT; path=/;SameSite=None; secure; HttpOnly
X-RUM-Validated: 1
X-RUM-NotUpdateQueriedPath: 1
X-RUM-NotUpdateQueriedDbCopy: 1
X-BeSku: WCS7
X-OWA-DiagnosticsInfo: 2;0;0
X-IIDs: 0
X-BackEnd-Begin: 2024-04-16T16:22:05.863
X-BackEnd-End: 2024-04-16T16:22:05.863
X-DiagInfo: FR0P281MB1611
X-BEServer: FR0P281MB1611
X-UA-Compatible: IE=EmulateIE7
X-Proxy-RoutingCorrectness: 1
NEL: {"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
X-Proxy-BackendServerStatus: 302
X-FirstHopCafeEFZ: HHN
X-FEProxyInfo: FR3P281CA0158.DEUP281.PROD.OUTLOOK.COM
X-FEEFZInfo: HHN
X-FEServer: FR3P281CA0158
Date: Tue, 16 Apr 2024 16:22:04 GMT
Connection: close
Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
|
|
| pugetsystems.co/?j63vqf5h6=aHR0cHM6Ly9ldm9xdWVkY3Mub2t0YS5jb20vYXBwL29mZmljZTM2NS9leGs2MWUyYTF5Q2JHWjN4WTM1Ni9zc28vd3NmZWQvcGFzc2l2ZT9sb2dpbl9oaW50PWNjbGV2ZWxhbmQlNDBldm9xdWVkY3MuY29tJmNsaWVudC1yZXF1ZXN0LWlkPTFiNjlmM2M5LTAxZWYtZDE3Ni0wNWIzLWJmYjBmMDZlYWMzMCZ1c2VybmFtZT1jY2xldmVsYW5kJTQwZXZvcXVlZGNzLmNvbSZ3YT13c2lnbmluMS4wJnd0cmVhbG09dXJuJTNhZmVkZXJhdGlvbiUzYU1pY3Jvc29mdE9ubGluZSZ3Y3R4PWVzdHNyZWRpcmVjdCUzZDIlMjZlc3RzcmVxdWVzdCUzZHJRUUlBUkFBalpGTmlCSnhBTVg5T3pxdDI1ZnNLZWdRREVHME1Ucmo2TXdvQkRucW9xdnJ4MnI0RVRHTV81blIwWm41cXpPYXVuZ0tJb2hnV1lnZzZ0TFJPaXpiSmZaU3A2QTkyWFVoNkxnRTFWSVhqeWxkdXRVN1BINkh4enU4dDQ3UlBqcHlsZnFqQUxsMGtsSlZtb1RLa3Y1U2IyM1YtX0dYZHZrSEdIeHl2M20zZjJxLXBxYmdTdE8yTzFiRTcwZDlXMGVvN1VPcXFrSEZCNUhoUl9ja18xc0FaZ0NjQUxEbnZBU2hyZ3dVWFRMbFc4b0FkZnVLREsxbGNPcmtXSVlQOGp4UE00RVF2MkNHRGZnb0djb0JHQXFURENfelpGRGlPRExNY0RJcFM3RE8xc09zQ21YMjJIa3hGLTNiemNEU1VFOGJLei1kSGhYMURMR0RMUHNadGdmaVZWdUlXNmxHSWlvSURKblpwR0taUXEzVXB2SldwVkNSQzBZc3Z0RVZLeHl6dFprTHRUWnE2V1MxSEVkcE9yV3RScXVKZkZKanFxVmkwaDQyRExtMXJhZUd5ZTFtZHRTSzFVT2pWSFdjcVVmYmZTRVgxd2VRRDV1ODB1TnVpN1JaNDNwOWlrdUV5eU85aHVwbU1HV1hHVkdNMlZrVDVUa3BXcGhpX3pYM0FZWXZwakdRZVlUaHFLT1ltanh6Z1M4dThOWGxwRmJtTHZEU3ZmaURscjdkU0QtNmxubkFQWDkxX2VDRjQ4anRqNGJhYW9OVFVWd29NVU02cWJLQmxwX2RTb19NVks5WUsyWnBvVFlXdWtYV0hJUVNOOE1SZWhjSHV6aC1pSHRXTUstRHdHSjUtZ1FIcHpoNGVNWng2UG5YdWJPejRQaGNjQldIdXFRWjF0cjZEcUhKb28zYWlrbEVkb2loWVlrUUxta2c2WDNGSWlKM2lFVV9jWGN5bWJ3Xzc1aGZ1UDk0X3ZuSmg2ZmZrX3RleDI4MSM= | 5.230.36.111 | 302 Found | 0 B |
URL User Request GET HTTP/1.1pugetsystems.co/?j63vqf5h6=aHR0cHM6Ly9ldm9xdWVkY3Mub2t0YS5jb20vYXBwL29mZmljZTM2NS9leGs2MWUyYTF5Q2JHWjN4WTM1Ni9zc28vd3NmZWQvcGFzc2l2ZT9sb2dpbl9oaW50PWNjbGV2ZWxhbmQlNDBldm9xdWVkY3MuY29tJmNsaWVudC1yZXF1ZXN0LWlkPTFiNjlmM2M5LTAxZWYtZDE3Ni0wNWIzLWJmYjBmMDZlYWMzMCZ1c2VybmFtZT1jY2xldmVsYW5kJTQwZXZvcXVlZGNzLmNvbSZ3YT13c2lnbmluMS4wJnd0cmVhbG09dXJuJTNhZmVkZXJhdGlvbiUzYU1pY3Jvc29mdE9ubGluZSZ3Y3R4PWVzdHNyZWRpcmVjdCUzZDIlMjZlc3RzcmVxdWVzdCUzZHJRUUlBUkFBalpGTmlCSnhBTVg5T3pxdDI1ZnNLZWdRREVHME1Ucmo2TXdvQkRucW9xdnJ4MnI0RVRHTV81blIwWm41cXpPYXVuZ0tJb2hnV1lnZzZ0TFJPaXpiSmZaU3A2QTkyWFVoNkxnRTFWSVhqeWxkdXRVN1BINkh4enU4dDQ3UlBqcHlsZnFqQUxsMGtsSlZtb1RLa3Y1U2IyM1YtX0dYZHZrSEdIeHl2M20zZjJxLXBxYmdTdE8yTzFiRTcwZDlXMGVvN1VPcXFrSEZCNUhoUl9ja18xc0FaZ0NjQUxEbnZBU2hyZ3dVWFRMbFc4b0FkZnVLREsxbGNPcmtXSVlQOGp4UE00RVF2MkNHRGZnb0djb0JHQXFURENfelpGRGlPRExNY0RJcFM3RE8xc09zQ21YMjJIa3hGLTNiemNEU1VFOGJLei1kSGhYMURMR0RMUHNadGdmaVZWdUlXNmxHSWlvSURKblpwR0taUXEzVXB2SldwVkNSQzBZc3Z0RVZLeHl6dFprTHRUWnE2V1MxSEVkcE9yV3RScXVKZkZKanFxVmkwaDQyRExtMXJhZUd5ZTFtZHRTSzFVT2pWSFdjcVVmYmZTRVgxd2VRRDV1ODB1TnVpN1JaNDNwOWlrdUV5eU85aHVwbU1HV1hHVkdNMlZrVDVUa3BXcGhpX3pYM0FZWXZwakdRZVlUaHFLT1ltanh6Z1M4dThOWGxwRmJtTHZEU3ZmaURscjdkU0QtNmxubkFQWDkxX2VDRjQ4anRqNGJhYW9OVFVWd29NVU02cWJLQmxwX2RTb19NVks5WUsyWnBvVFlXdWtYV0hJUVNOOE1SZWhjSHV6aC1pSHRXTUstRHdHSjUtZ1FIcHpoNGVNWng2UG5YdWJPejRQaGNjQldIdXFRWjF0cjZEcUhKb28zYWlrbEVkb2loWVlrUUxta2c2WDNGSWlKM2lFVV9jWGN5bWJ3Xzc1aGZ1UDk0X3ZuSmg2ZmZrX3RleDI4MSM= IP5.230.36.111:443
CertificateIssuerLet's Encrypt Subjectpugetsystems.co FingerprintE9:DA:86:8E:E5:50:15:CF:30:6F:54:F4:08:6D:D6:26:3A:A5:2D:05 ValidityThu, 11 Apr 2024 11:49:22 GMT - Wed, 10 Jul 2024 11:49:21 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook |
GET /?j63vqf5h6=aHR0cHM6Ly9ldm9xdWVkY3Mub2t0YS5jb20vYXBwL29mZmljZTM2NS9leGs2MWUyYTF5Q2JHWjN4WTM1Ni9zc28vd3NmZWQvcGFzc2l2ZT9sb2dpbl9oaW50PWNjbGV2ZWxhbmQlNDBldm9xdWVkY3MuY29tJmNsaWVudC1yZXF1ZXN0LWlkPTFiNjlmM2M5LTAxZWYtZDE3Ni0wNWIzLWJmYjBmMDZlYWMzMCZ1c2VybmFtZT1jY2xldmVsYW5kJTQwZXZvcXVlZGNzLmNvbSZ3YT13c2lnbmluMS4wJnd0cmVhbG09dXJuJTNhZmVkZXJhdGlvbiUzYU1pY3Jvc29mdE9ubGluZSZ3Y3R4PWVzdHNyZWRpcmVjdCUzZDIlMjZlc3RzcmVxdWVzdCUzZHJRUUlBUkFBalpGTmlCSnhBTVg5T3pxdDI1ZnNLZWdRREVHME1Ucmo2TXdvQkRucW9xdnJ4MnI0RVRHTV81blIwWm41cXpPYXVuZ0tJb2hnV1lnZzZ0TFJPaXpiSmZaU3A2QTkyWFVoNkxnRTFWSVhqeWxkdXRVN1BINkh4enU4dDQ3UlBqcHlsZnFqQUxsMGtsSlZtb1RLa3Y1U2IyM1YtX0dYZHZrSEdIeHl2M20zZjJxLXBxYmdTdE8yTzFiRTcwZDlXMGVvN1VPcXFrSEZCNUhoUl9ja18xc0FaZ0NjQUxEbnZBU2hyZ3dVWFRMbFc4b0FkZnVLREsxbGNPcmtXSVlQOGp4UE00RVF2MkNHRGZnb0djb0JHQXFURENfelpGRGlPRExNY0RJcFM3RE8xc09zQ21YMjJIa3hGLTNiemNEU1VFOGJLei1kSGhYMURMR0RMUHNadGdmaVZWdUlXNmxHSWlvSURKblpwR0taUXEzVXB2SldwVkNSQzBZc3Z0RVZLeHl6dFprTHRUWnE2V1MxSEVkcE9yV3RScXVKZkZKanFxVmkwaDQyRExtMXJhZUd5ZTFtZHRTSzFVT2pWSFdjcVVmYmZTRVgxd2VRRDV1ODB1TnVpN1JaNDNwOWlrdUV5eU85aHVwbU1HV1hHVkdNMlZrVDVUa3BXcGhpX3pYM0FZWXZwakdRZVlUaHFLT1ltanh6Z1M4dThOWGxwRmJtTHZEU3ZmaURscjdkU0QtNmxubkFQWDkxX2VDRjQ4anRqNGJhYW9OVFVWd29NVU02cWJLQmxwX2RTb19NVks5WUsyWnBvVFlXdWtYV0hJUVNOOE1SZWhjSHV6aC1pSHRXTUstRHdHSjUtZ1FIcHpoNGVNWng2UG5YdWJPejRQaGNjQldIdXFRWjF0cjZEcUhKb28zYWlrbEVkb2loWVlrUUxta2c2WDNGSWlKM2lFVV9jWGN5bWJ3Xzc1aGZ1UDk0X3ZuSmg2ZmZrX3RleDI4MSM= HTTP/1.1
Host: pugetsystems.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: qPdM=MyM2diz6Djxt; qPdM.sig=uLiQD1Cr3p_i5oLKz1OgdrOAMXw; ClientId=A562510DCF084E8C81AA43256A0C9C85; OIDC=1; OpenIdConnect.nonce.v3.OsEZS40WotwAwBv6ckaxvuauiuWvNSuRZniwOzpBfQQ=638488813258638362.0dcd2c59-38d8-4a77-937d-dacb6b96fcd6; X-OWA-RedirectHistory=ArLym14BGoRXWzFe3Ag; buid=0.ASwAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8XObZ_dp5Udf2JH8ZLNT9gg5JRsac5ihWww_tSrNfiyPy0Hi3BDCbL8MTnZZ8sL946RaAI4gnTEYtV1pgrpWj7Q25fOINu2lAc9z03mDUTe0gAA; fpc=AimtBSlLRBpPk8tcbRFzxL-erOTJAQAAAK6csN0OAAAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8FsQgXAd-uKSlDDxd6k4d7oUaFHxH3krpjkbKsYQPKheyHVDWiwlcJ7kIWaynT1FVJEKPFteNUxKVIbSFKXXvUxrnkulqebiN9bASYoYawOprS1h8-EhD8vhxkgIE3rCWFlzIH4B0Xu3rSDSZLKgVdkWGakKiseRvOT_Udi8EgDAgAA; cltm=CgAQABoAIgQIDBAF; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Tue, 16 Apr 2024 16:22:07 GMT
Content-Length: 0
Connection: close
Server: nginx
x-okta-request-id: 517b8eb5a9071c97bc9065bac391076a
p3p: CP="HONK"
set-cookie: sid="";Version=1;Path=/;Max-Age=0
autolaunch_triggered=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
location: https://pugetsystems.co/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk61e2a1yCbGZ3xY356%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dccleveland%2540evoquedcs.com%26client-request-id%3D1b69f3c9-01ef-d176-05b3-bfb0f06eac30%26username%3Dccleveland%2540evoquedcs.com%26wa%3Dwsignin1.0%26wtrealm%3Durn%253afederation%253aMicrosoftOnline%26wctx%3Destsredirect%253d2%2526estsrequest%253drQQIARAAjZFNiBJxAMX9Ozqt25fsKegQDEG0MTrj6MwoBDnqoqvrx2r4ETGM_5nR0Zn5qzOaungKIohgWYgg6tLROizbJfZSp6A92XUh6LgE1VIXjyldutU7PH6Hxzu8t47RPjpylfqjALl0klJVmoTKkv5Sb23V-_GXdvkHGHxyv3m3f2q-pqbgStO2O1bE70d9W0eo7UOqqkHFB5HhR_ck_1sAZgCcALDnvAShrgwUXTLlW8oAdfuKDK1lcOrkWIYP8jxPM4EQv2CGDfgoGcoBGAqTDC_zZFDiODLMcDIpS7DO1sOsCmX22HkxF-3bzcDSUE8bKz-dHhX1DLGDLPsZtgfiVVuIW6lGIioIDJnZpGKZQq3UpvJWpVCRC0YsvtEVKxyztZkLtTZq6WS1HEdpOrWtRquJfFJjqqVi0h42DLm1raeGye1mdtSK1UOjVHWcqUfbfSEX1weQD5u80uNui7RZ43p9ikuEyyO9hupmMGWXGVGM2VkT5TkpWphi_zX3AYYvpjGQeYThqKOYmjxzgS8u8NXlpFbmLvDSvfiDlr7dSD-6lnnAPX91_eCF48jtj4baaoNTUVwoMUM6qbKBlp_dSo_MVK9YK2ZpoTYWukXWHIQSN8MRehcHuzh-iHtWMK-DwGJ5-gQHpzh4eMZx6PnXubOz4PhccBWHuqQZ1tr6DqHJoo3aiklEdoihYYkQLmkg6X3FIiJ3iEU_cXcymbw_75hfuP94_vnJh6ffk_tex281
content-language: en
Strict-Transport-Security: max-age=315360000; includeSubDomains
|
|
| pugetsystems.co/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk61e2a1yCbGZ3xY356%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dccleveland%2540evoquedcs.com%26client-request-id%3D1b69f3c9-01ef-d176-05b3-bfb0f06eac30%26username%3Dccleveland%2540evoquedcs.com%26wa%3Dwsignin1.0%26wtrealm%3Durn%253afederation%253aMicrosoftOnline%26wctx%3Destsredirect%253d2%2526estsrequest%253drQQIARAAjZFNiBJxAMX9Ozqt25fsKegQDEG0MTrj6MwoBDnqoqvrx2r4ETGM_5nR0Zn5qzOaungKIohgWYgg6tLROizbJfZSp6A92XUh6LgE1VIXjyldutU7PH6Hxzu8t47RPjpylfqjALl0klJVmoTKkv5Sb23V-_GXdvkHGHxyv3m3f2q-pqbgStO2O1bE70d9W0eo7UOqqkHFB5HhR_ck_1sAZgCcALDnvAShrgwUXTLlW8oAdfuKDK1lcOrkWIYP8jxPM4EQv2CGDfgoGcoBGAqTDC_zZFDiODLMcDIpS7DO1sOsCmX22HkxF-3bzcDSUE8bKz-dHhX1DLGDLPsZtgfiVVuIW6lGIioIDJnZpGKZQq3UpvJWpVCRC0YsvtEVKxyztZkLtTZq6WS1HEdpOrWtRquJfFJjqqVi0h42DLm1raeGye1mdtSK1UOjVHWcqUfbfSEX1weQD5u80uNui7RZ43p9ikuEyyO9hupmMGWXGVGM2VkT5TkpWphi_zX3AYYvpjGQeYThqKOYmjxzgS8u8NXlpFbmLvDSvfiDlr7dSD-6lnnAPX91_eCF48jtj4baaoNTUVwoMUM6qbKBlp_dSo_MVK9YK2ZpoTYWukXWHIQSN8MRehcHuzh-iHtWMK-DwGJ5-gQHpzh4eMZx6PnXubOz4PhccBWHuqQZ1tr6DqHJoo3aiklEdoihYYkQLmkg6X3FIiJ3iEU_cXcymbw_75hfuP94_vnJh6ffk_tex281 | 5.230.36.111 | 404 Not Found | 0 B |
URL User Request GET HTTP/1.1pugetsystems.co/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk61e2a1yCbGZ3xY356%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dccleveland%2540evoquedcs.com%26client-request-id%3D1b69f3c9-01ef-d176-05b3-bfb0f06eac30%26username%3Dccleveland%2540evoquedcs.com%26wa%3Dwsignin1.0%26wtrealm%3Durn%253afederation%253aMicrosoftOnline%26wctx%3Destsredirect%253d2%2526estsrequest%253drQQIARAAjZFNiBJxAMX9Ozqt25fsKegQDEG0MTrj6MwoBDnqoqvrx2r4ETGM_5nR0Zn5qzOaungKIohgWYgg6tLROizbJfZSp6A92XUh6LgE1VIXjyldutU7PH6Hxzu8t47RPjpylfqjALl0klJVmoTKkv5Sb23V-_GXdvkHGHxyv3m3f2q-pqbgStO2O1bE70d9W0eo7UOqqkHFB5HhR_ck_1sAZgCcALDnvAShrgwUXTLlW8oAdfuKDK1lcOrkWIYP8jxPM4EQv2CGDfgoGcoBGAqTDC_zZFDiODLMcDIpS7DO1sOsCmX22HkxF-3bzcDSUE8bKz-dHhX1DLGDLPsZtgfiVVuIW6lGIioIDJnZpGKZQq3UpvJWpVCRC0YsvtEVKxyztZkLtTZq6WS1HEdpOrWtRquJfFJjqqVi0h42DLm1raeGye1mdtSK1UOjVHWcqUfbfSEX1weQD5u80uNui7RZ43p9ikuEyyO9hupmMGWXGVGM2VkT5TkpWphi_zX3AYYvpjGQeYThqKOYmjxzgS8u8NXlpFbmLvDSvfiDlr7dSD-6lnnAPX91_eCF48jtj4baaoNTUVwoMUM6qbKBlp_dSo_MVK9YK2ZpoTYWukXWHIQSN8MRehcHuzh-iHtWMK-DwGJ5-gQHpzh4eMZx6PnXubOz4PhccBWHuqQZ1tr6DqHJoo3aiklEdoihYYkQLmkg6X3FIiJ3iEU_cXcymbw_75hfuP94_vnJh6ffk_tex281 IP5.230.36.111:443
CertificateIssuerLet's Encrypt Subjectpugetsystems.co FingerprintE9:DA:86:8E:E5:50:15:CF:30:6F:54:F4:08:6D:D6:26:3A:A5:2D:05 ValidityThu, 11 Apr 2024 11:49:22 GMT - Wed, 10 Jul 2024 11:49:21 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook |
GET /login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk61e2a1yCbGZ3xY356%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dccleveland%2540evoquedcs.com%26client-request-id%3D1b69f3c9-01ef-d176-05b3-bfb0f06eac30%26username%3Dccleveland%2540evoquedcs.com%26wa%3Dwsignin1.0%26wtrealm%3Durn%253afederation%253aMicrosoftOnline%26wctx%3Destsredirect%253d2%2526estsrequest%253drQQIARAAjZFNiBJxAMX9Ozqt25fsKegQDEG0MTrj6MwoBDnqoqvrx2r4ETGM_5nR0Zn5qzOaungKIohgWYgg6tLROizbJfZSp6A92XUh6LgE1VIXjyldutU7PH6Hxzu8t47RPjpylfqjALl0klJVmoTKkv5Sb23V-_GXdvkHGHxyv3m3f2q-pqbgStO2O1bE70d9W0eo7UOqqkHFB5HhR_ck_1sAZgCcALDnvAShrgwUXTLlW8oAdfuKDK1lcOrkWIYP8jxPM4EQv2CGDfgoGcoBGAqTDC_zZFDiODLMcDIpS7DO1sOsCmX22HkxF-3bzcDSUE8bKz-dHhX1DLGDLPsZtgfiVVuIW6lGIioIDJnZpGKZQq3UpvJWpVCRC0YsvtEVKxyztZkLtTZq6WS1HEdpOrWtRquJfFJjqqVi0h42DLm1raeGye1mdtSK1UOjVHWcqUfbfSEX1weQD5u80uNui7RZ43p9ikuEyyO9hupmMGWXGVGM2VkT5TkpWphi_zX3AYYvpjGQeYThqKOYmjxzgS8u8NXlpFbmLvDSvfiDlr7dSD-6lnnAPX91_eCF48jtj4baaoNTUVwoMUM6qbKBlp_dSo_MVK9YK2ZpoTYWukXWHIQSN8MRehcHuzh-iHtWMK-DwGJ5-gQHpzh4eMZx6PnXubOz4PhccBWHuqQZ1tr6DqHJoo3aiklEdoihYYkQLmkg6X3FIiJ3iEU_cXcymbw_75hfuP94_vnJh6ffk_tex281 HTTP/1.1
Host: pugetsystems.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: qPdM=MyM2diz6Djxt; qPdM.sig=uLiQD1Cr3p_i5oLKz1OgdrOAMXw; ClientId=A562510DCF084E8C81AA43256A0C9C85; OIDC=1; OpenIdConnect.nonce.v3.OsEZS40WotwAwBv6ckaxvuauiuWvNSuRZniwOzpBfQQ=638488813258638362.0dcd2c59-38d8-4a77-937d-dacb6b96fcd6; X-OWA-RedirectHistory=ArLym14BGoRXWzFe3Ag; buid=0.ASwAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8XObZ_dp5Udf2JH8ZLNT9gg5JRsac5ihWww_tSrNfiyPy0Hi3BDCbL8MTnZZ8sL946RaAI4gnTEYtV1pgrpWj7Q25fOINu2lAc9z03mDUTe0gAA; fpc=AimtBSlLRBpPk8tcbRFzxL-erOTJAQAAAK6csN0OAAAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8FsQgXAd-uKSlDDxd6k4d7oUaFHxH3krpjkbKsYQPKheyHVDWiwlcJ7kIWaynT1FVJEKPFteNUxKVIbSFKXXvUxrnkulqebiN9bASYoYawOprS1h8-EhD8vhxkgIE3rCWFlzIH4B0Xu3rSDSZLKgVdkWGakKiseRvOT_Udi8EgDAgAA; cltm=CgAQABoAIgQIDBAF; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: ba79061c-a5f2-4d2f-89b1-42b74c0c7b00
x-ms-ests-server: 2.1.17789.7 - WUS3 ProdSlices
x-ms-srs: 1.P
Referrer-Policy: strict-origin-when-cross-origin
Date: Tue, 16 Apr 2024 16:22:07 GMT
Connection: close
Content-Length: 0
Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
|
|
| pugetsystems.co/favicon.ico | 5.230.36.111 | 404 Not Found | 0 B |
URL GET HTTP/1.1pugetsystems.co/favicon.ico IP5.230.36.111:443
Requested byhttps://pugetsystems.co/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk61e2a1yCbGZ3xY356%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dccleveland%2540evoquedcs.com%26client-request-id%3D1b69f3c9-01ef-d176-05b3-bfb0f06eac30%26username%3Dccleveland%2540evoquedcs.com%26wa%3Dwsignin1.0%26wtrealm%3Durn%253afederation%253aMicrosoftOnline%26wctx%3Destsredirect%253d2%2526estsrequest%253drQQIARAAjZFNiBJxAMX9Ozqt25fsKegQDEG0MTrj6MwoBDnqoqvrx2r4ETGM_5nR0Zn5qzOaungKIohgWYgg6tLROizbJfZSp6A92XUh6LgE1VIXjyldutU7PH6Hxzu8t47RPjpylfqjALl0klJVmoTKkv5Sb23V-_GXdvkHGHxyv3m3f2q-pqbgStO2O1bE70d9W0eo7UOqqkHFB5HhR_ck_1sAZgCcALDnvAShrgwUXTLlW8oAdfuKDK1lcOrkWIYP8jxPM4EQv2CGDfgoGcoBGAqTDC_zZFDiODLMcDIpS7DO1sOsCmX22HkxF-3bzcDSUE8bKz-dHhX1DLGDLPsZtgfiVVuIW6lGIioIDJnZpGKZQq3UpvJWpVCRC0YsvtEVKxyztZkLtTZq6WS1HEdpOrWtRquJfFJjqqVi0h42DLm1raeGye1mdtSK1UOjVHWcqUfbfSEX1weQD5u80uNui7RZ43p9ikuEyyO9hupmMGWXGVGM2VkT5TkpWphi_zX3AYYvpjGQeYThqKOYmjxzgS8u8NXlpFbmLvDSvfiDlr7dSD-6lnnAPX91_eCF48jtj4baaoNTUVwoMUM6qbKBlp_dSo_MVK9YK2ZpoTYWukXWHIQSN8MRehcHuzh-iHtWMK-DwGJ5-gQHpzh4eMZx6PnXubOz4PhccBWHuqQZ1tr6DqHJoo3aiklEdoihYYkQLmkg6X3FIiJ3iEU_cXcymbw_75hfuP94_vnJh6ffk_tex281 CertificateIssuerLet's Encrypt Subjectpugetsystems.co FingerprintE9:DA:86:8E:E5:50:15:CF:30:6F:54:F4:08:6D:D6:26:3A:A5:2D:05 ValidityThu, 11 Apr 2024 11:49:22 GMT - Wed, 10 Jul 2024 11:49:21 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook |
GET /favicon.ico HTTP/1.1
Host: pugetsystems.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pugetsystems.co/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexk61e2a1yCbGZ3xY356%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dccleveland%2540evoquedcs.com%26client-request-id%3D1b69f3c9-01ef-d176-05b3-bfb0f06eac30%26username%3Dccleveland%2540evoquedcs.com%26wa%3Dwsignin1.0%26wtrealm%3Durn%253afederation%253aMicrosoftOnline%26wctx%3Destsredirect%253d2%2526estsrequest%253drQQIARAAjZFNiBJxAMX9Ozqt25fsKegQDEG0MTrj6MwoBDnqoqvrx2r4ETGM_5nR0Zn5qzOaungKIohgWYgg6tLROizbJfZSp6A92XUh6LgE1VIXjyldutU7PH6Hxzu8t47RPjpylfqjALl0klJVmoTKkv5Sb23V-_GXdvkHGHxyv3m3f2q-pqbgStO2O1bE70d9W0eo7UOqqkHFB5HhR_ck_1sAZgCcALDnvAShrgwUXTLlW8oAdfuKDK1lcOrkWIYP8jxPM4EQv2CGDfgoGcoBGAqTDC_zZFDiODLMcDIpS7DO1sOsCmX22HkxF-3bzcDSUE8bKz-dHhX1DLGDLPsZtgfiVVuIW6lGIioIDJnZpGKZQq3UpvJWpVCRC0YsvtEVKxyztZkLtTZq6WS1HEdpOrWtRquJfFJjqqVi0h42DLm1raeGye1mdtSK1UOjVHWcqUfbfSEX1weQD5u80uNui7RZ43p9ikuEyyO9hupmMGWXGVGM2VkT5TkpWphi_zX3AYYvpjGQeYThqKOYmjxzgS8u8NXlpFbmLvDSvfiDlr7dSD-6lnnAPX91_eCF48jtj4baaoNTUVwoMUM6qbKBlp_dSo_MVK9YK2ZpoTYWukXWHIQSN8MRehcHuzh-iHtWMK-DwGJ5-gQHpzh4eMZx6PnXubOz4PhccBWHuqQZ1tr6DqHJoo3aiklEdoihYYkQLmkg6X3FIiJ3iEU_cXcymbw_75hfuP94_vnJh6ffk_tex281
DNT: 1
Connection: keep-alive
Cookie: qPdM=MyM2diz6Djxt; qPdM.sig=uLiQD1Cr3p_i5oLKz1OgdrOAMXw; ClientId=A562510DCF084E8C81AA43256A0C9C85; OIDC=1; OpenIdConnect.nonce.v3.OsEZS40WotwAwBv6ckaxvuauiuWvNSuRZniwOzpBfQQ=638488813258638362.0dcd2c59-38d8-4a77-937d-dacb6b96fcd6; X-OWA-RedirectHistory=ArLym14BGoRXWzFe3Ag; buid=0.ASwAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8XObZ_dp5Udf2JH8ZLNT9gg5JRsac5ihWww_tSrNfiyPy0Hi3BDCbL8MTnZZ8sL946RaAI4gnTEYtV1pgrpWj7Q25fOINu2lAc9z03mDUTe0gAA; fpc=AimtBSlLRBpPk8tcbRFzxL-erOTJAQAAAK6csN0OAAAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8FsQgXAd-uKSlDDxd6k4d7oUaFHxH3krpjkbKsYQPKheyHVDWiwlcJ7kIWaynT1FVJEKPFteNUxKVIbSFKXXvUxrnkulqebiN9bASYoYawOprS1h8-EhD8vhxkgIE3rCWFlzIH4B0Xu3rSDSZLKgVdkWGakKiseRvOT_Udi8EgDAgAA; cltm=CgAQABoAIgQIDBAF; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private
Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 23b47842-5636-4785-b335-be0c82c64500
x-ms-ests-server: 2.1.17789.7 - EUS ProdSlices
x-ms-srs: 1.P
Referrer-Policy: strict-origin-when-cross-origin
Date: Tue, 16 Apr 2024 16:22:07 GMT
Connection: close
Content-Length: 0
Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
|
|
| pugetsystems.co/?j63vqf5h6=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1jY2xldmVsYW5kJTQwZXZvcXVlZGNzLmNvbSZjbGllbnQtcmVxdWVzdC1pZD0xYjY5ZjNjOS0wMWVmLWQxNzYtMDViMy1iZmIwZjA2ZWFjMzAmcHJvdGVjdGVkdG9rZW49dHJ1ZSZjbGFpbXM9JTdiJTIyaWRfdG9rZW4lMjIlM2ElN2IlMjJ4bXNfY2MlMjIlM2ElN2IlMjJ2YWx1ZXMlMjIlM2ElNWIlMjJDUDElMjIlNWQlN2QlN2QlN2Qmbm9uY2U9NjM4NDg4ODEzMjU4NjM4MzYyLjBkY2QyYzU5LTM4ZDgtNGE3Ny05MzdkLWRhY2I2Yjk2ZmNkNiZzdGF0ZT1EWXRCRHNJZ0VBQkIzLUxKMENMUVpUazBQc1hRWGRRbUNERnFfWDczTUpPNWpGWktIWVdEb0sxSVJmQVlFUEhpM1lUU0h0eGdtZGpSbEl4SFJoTnlqQ2I1eUlZekxiQWt1Qk9EbHZjODluOGVyN1VfMW5aN3J1MDdFOVd5bFpvYm40SXRXM19fQ3RObm9QN2FBUQ== | 5.230.36.111 | 302 Found | 0 B |
URL User Request GET HTTP/1.1pugetsystems.co/?j63vqf5h6=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1jY2xldmVsYW5kJTQwZXZvcXVlZGNzLmNvbSZjbGllbnQtcmVxdWVzdC1pZD0xYjY5ZjNjOS0wMWVmLWQxNzYtMDViMy1iZmIwZjA2ZWFjMzAmcHJvdGVjdGVkdG9rZW49dHJ1ZSZjbGFpbXM9JTdiJTIyaWRfdG9rZW4lMjIlM2ElN2IlMjJ4bXNfY2MlMjIlM2ElN2IlMjJ2YWx1ZXMlMjIlM2ElNWIlMjJDUDElMjIlNWQlN2QlN2QlN2Qmbm9uY2U9NjM4NDg4ODEzMjU4NjM4MzYyLjBkY2QyYzU5LTM4ZDgtNGE3Ny05MzdkLWRhY2I2Yjk2ZmNkNiZzdGF0ZT1EWXRCRHNJZ0VBQkIzLUxKMENMUVpUazBQc1hRWGRRbUNERnFfWDczTUpPNWpGWktIWVdEb0sxSVJmQVlFUEhpM1lUU0h0eGdtZGpSbEl4SFJoTnlqQ2I1eUlZekxiQWt1Qk9EbHZjODluOGVyN1VfMW5aN3J1MDdFOVd5bFpvYm40SXRXM19fQ3RObm9QN2FBUQ== IP5.230.36.111:443
CertificateIssuerLet's Encrypt Subjectpugetsystems.co FingerprintE9:DA:86:8E:E5:50:15:CF:30:6F:54:F4:08:6D:D6:26:3A:A5:2D:05 ValidityThu, 11 Apr 2024 11:49:22 GMT - Wed, 10 Jul 2024 11:49:21 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook |
GET /?j63vqf5h6=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1jY2xldmVsYW5kJTQwZXZvcXVlZGNzLmNvbSZjbGllbnQtcmVxdWVzdC1pZD0xYjY5ZjNjOS0wMWVmLWQxNzYtMDViMy1iZmIwZjA2ZWFjMzAmcHJvdGVjdGVkdG9rZW49dHJ1ZSZjbGFpbXM9JTdiJTIyaWRfdG9rZW4lMjIlM2ElN2IlMjJ4bXNfY2MlMjIlM2ElN2IlMjJ2YWx1ZXMlMjIlM2ElNWIlMjJDUDElMjIlNWQlN2QlN2QlN2Qmbm9uY2U9NjM4NDg4ODEzMjU4NjM4MzYyLjBkY2QyYzU5LTM4ZDgtNGE3Ny05MzdkLWRhY2I2Yjk2ZmNkNiZzdGF0ZT1EWXRCRHNJZ0VBQkIzLUxKMENMUVpUazBQc1hRWGRRbUNERnFfWDczTUpPNWpGWktIWVdEb0sxSVJmQVlFUEhpM1lUU0h0eGdtZGpSbEl4SFJoTnlqQ2I1eUlZekxiQWt1Qk9EbHZjODluOGVyN1VfMW5aN3J1MDdFOVd5bFpvYm40SXRXM19fQ3RObm9QN2FBUQ== HTTP/1.1
Host: pugetsystems.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: qPdM=MyM2diz6Djxt; qPdM.sig=uLiQD1Cr3p_i5oLKz1OgdrOAMXw; ClientId=A562510DCF084E8C81AA43256A0C9C85; OIDC=1; OpenIdConnect.nonce.v3.OsEZS40WotwAwBv6ckaxvuauiuWvNSuRZniwOzpBfQQ=638488813258638362.0dcd2c59-38d8-4a77-937d-dacb6b96fcd6; X-OWA-RedirectHistory=ArLym14BGoRXWzFe3Ag
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Location: https://pugetsystems.co/?j63vqf5h6=aHR0cHM6Ly9ldm9xdWVkY3Mub2t0YS5jb20vYXBwL29mZmljZTM2NS9leGs2MWUyYTF5Q2JHWjN4WTM1Ni9zc28vd3NmZWQvcGFzc2l2ZT9sb2dpbl9oaW50PWNjbGV2ZWxhbmQlNDBldm9xdWVkY3MuY29tJmNsaWVudC1yZXF1ZXN0LWlkPTFiNjlmM2M5LTAxZWYtZDE3Ni0wNWIzLWJmYjBmMDZlYWMzMCZ1c2VybmFtZT1jY2xldmVsYW5kJTQwZXZvcXVlZGNzLmNvbSZ3YT13c2lnbmluMS4wJnd0cmVhbG09dXJuJTNhZmVkZXJhdGlvbiUzYU1pY3Jvc29mdE9ubGluZSZ3Y3R4PWVzdHNyZWRpcmVjdCUzZDIlMjZlc3RzcmVxdWVzdCUzZHJRUUlBUkFBalpGTmlCSnhBTVg5T3pxdDI1ZnNLZWdRREVHME1Ucmo2TXdvQkRucW9xdnJ4MnI0RVRHTV81blIwWm41cXpPYXVuZ0tJb2hnV1lnZzZ0TFJPaXpiSmZaU3A2QTkyWFVoNkxnRTFWSVhqeWxkdXRVN1BINkh4enU4dDQ3UlBqcHlsZnFqQUxsMGtsSlZtb1RLa3Y1U2IyM1YtX0dYZHZrSEdIeHl2M20zZjJxLXBxYmdTdE8yTzFiRTcwZDlXMGVvN1VPcXFrSEZCNUhoUl9ja18xc0FaZ0NjQUxEbnZBU2hyZ3dVWFRMbFc4b0FkZnVLREsxbGNPcmtXSVlQOGp4UE00RVF2MkNHRGZnb0djb0JHQXFURENfelpGRGlPRExNY0RJcFM3RE8xc09zQ21YMjJIa3hGLTNiemNEU1VFOGJLei1kSGhYMURMR0RMUHNadGdmaVZWdUlXNmxHSWlvSURKblpwR0taUXEzVXB2SldwVkNSQzBZc3Z0RVZLeHl6dFprTHRUWnE2V1MxSEVkcE9yV3RScXVKZkZKanFxVmkwaDQyRExtMXJhZUd5ZTFtZHRTSzFVT2pWSFdjcVVmYmZTRVgxd2VRRDV1ODB1TnVpN1JaNDNwOWlrdUV5eU85aHVwbU1HV1hHVkdNMlZrVDVUa3BXcGhpX3pYM0FZWXZwakdRZVlUaHFLT1ltanh6Z1M4dThOWGxwRmJtTHZEU3ZmaURscjdkU0QtNmxubkFQWDkxX2VDRjQ4anRqNGJhYW9OVFVWd29NVU02cWJLQmxwX2RTb19NVks5WUsyWnBvVFlXdWtYV0hJUVNOOE1SZWhjSHV6aC1pSHRXTUstRHdHSjUtZ1FIcHpoNGVNWng2UG5YdWJPejRQaGNjQldIdXFRWjF0cjZEcUhKb28zYWlrbEVkb2loWVlrUUxta2c2WDNGSWlKM2lFVV9jWGN5bWJ3Xzc1aGZ1UDk0X3ZuSmg2ZmZrX3RleDI4MSM=
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 2bed6131-8b4b-4c27-8637-9cab29b29d00
x-ms-ests-server: 2.1.17789.7 - SCUS ProdSlices
x-ms-srs: 1.P
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: buid=0.ASwAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8XObZ_dp5Udf2JH8ZLNT9gg5JRsac5ihWww_tSrNfiyPy0Hi3BDCbL8MTnZZ8sL946RaAI4gnTEYtV1pgrpWj7Q25fOINu2lAc9z03mDUTe0gAA; expires=Thu, 16-May-2024 16:22:06 GMT; path=/; secure; HttpOnly; SameSite=None
fpc=AimtBSlLRBpPk8tcbRFzxL-erOTJAQAAAK6csN0OAAAA; expires=Thu, 16-May-2024 16:22:06 GMT; path=/; secure; HttpOnly; SameSite=None
esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8FsQgXAd-uKSlDDxd6k4d7oUaFHxH3krpjkbKsYQPKheyHVDWiwlcJ7kIWaynT1FVJEKPFteNUxKVIbSFKXXvUxrnkulqebiN9bASYoYawOprS1h8-EhD8vhxkgIE3rCWFlzIH4B0Xu3rSDSZLKgVdkWGakKiseRvOT_Udi8EgDAgAA; domain=pugetsystems.co; path=/; secure; HttpOnly; SameSite=None
cltm=CgAQABoAIgQIDBAF; domain=pugetsystems.co; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Date: Tue, 16 Apr 2024 16:22:06 GMT
Connection: close
content-length: 1710
Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
|
|