Report - mkonsusgc.andrewyuscammer.com/bWFyY3VzLmthZWxsZXJAYWZmaWRlYS5jb20=

Report Overview

Submitted URL
mkonsusgc.andrewyuscammer.com/bWFyY3VzLmthZWxsZXJAYWZmaWRlYS5jb20=
IP
69.49.245.172
ASN
#19871 NETWORK-SOLUTIONS-HOSTING
Submitted
2024-03-28 16:14:38
Access
public
Website Title
df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com
Final URL
df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com
Tags
phishing microsoft outlook
urlquery detections
Phishing - Microsoft Outlook

Detections

urlquery
9
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
mkonsusgc.andrewyuscammer.com	unknown	unknown	No data	No data	436 B	2.1 kB	69.49.245.172
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-03-28	2.5 kB	167 kB	104.17.2.184
team-telstra.co	unknown	2024-03-26	2024-03-27	2024-03-28	15 kB	677 kB	5.230.44.183
df34d9fc.495f115f35e2dc7a881a80b8.workers.dev	unknown	2019-02-08	2024-03-27	2024-03-27	1.3 kB	5.6 kB	172.67.157.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw==	329 B	2023-03-07	2024-04-25
Pretty URL team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw== IP 5.230.44.183 ASN #12586 GHOSTnet GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:12:03 Last Seen2024-04-25 18:48:04 Times Seen925 Hash 097a19f95cd08ecbbc661052b26f0b8a 377a038d746b67f20117196b67c4790250a1d86e 88b0507affd47707dd2caad2efb8829a6db41697e4f98674f0870227d43a1dc3 Loading...

	team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw==	4.5 kB	2023-03-07	2024-04-25
Pretty URL team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw== IP 5.230.44.183 ASN #12586 GHOSTnet GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:12:03 Last Seen2024-04-25 18:48:04 Times Seen889 Hash eadb1c57f47e53a98b694a385f79f620 e91698d36f629f7a08ce11962a6e32306239e942 7e76f95325cbc84d2b81876f84c0f296f149c093c28694f28dfe94ad95b57593 Loading...

	team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw==	74 B	2023-03-07	2024-04-25
Pretty URL team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw== IP 5.230.44.183 ASN #12586 GHOSTnet GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:12:03 Last Seen2024-04-25 02:01:47 Times Seen1181 Hash f45acdd570674b3cbfb341f472b50b79 54234db194e495f33df75c256c355be3ea927885 a0609519e75507a912342dfccd41b2775f8065ffa3a93662b7cec09e963dd824 Loading...

	team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw==	279 B	2023-03-07	2024-04-23
Pretty URL team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw== IP 5.230.44.183 ASN #12586 GHOSTnet GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:12:03 Last Seen2024-04-23 15:42:04 Times Seen561 Hash f72c5c2c97ec721cc1d373ad35d6895d 96681997b700168a435fdcfd4cd19ad1760915cd f33c0d856ba8c8cc39c22d79b90cae7efd7d697b430842834676f0bd33c84c5d Loading...

	data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX0pKTtkb2N1bWVudC5kb2N1bWVudEVsZW1lbnQuc3R5bGUuZmlsdGVyPSJodWUtcm90YXRlKDRkZWcpIjtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImciXX0pKTtzZXRUaW1lb3V0KGMsMWUzKX19YygpOwo=	341 B	2023-10-02	2024-04-27
Pretty URL data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX0pKTtkb2N1bWVudC5kb2N1bWVudEVsZW1lbnQuc3R5bGUuZmlsdGVyPSJodWUtcm90YXRlKDRkZWcpIjtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImciXX0pKTtzZXRUaW1lb3V0KGMsMWUzKX19YygpOwo= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-02 01:17:43 Last Seen2024-04-27 10:36:36 Times Seen32789 Hash d6f18bfe02b31db3664d5d27f03ea142 aae6f850e8ea4ff74dcd6213ad6a4565cbd6802e 90682803943448f3acffc81014c87fdd71f30d8cf97335fcea451fac1e568221 Loading...

	team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw==	1.5 kB	2023-03-07	2024-04-25
Pretty URL team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw== IP 5.230.44.183 ASN #12586 GHOSTnet GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:12:03 Last Seen2024-04-25 02:01:47 Times Seen980 Hash 2468778aab7f738efe448e7286a89810 8e22d446ddabbc604fc639c8b39e11d150e1513f d0d79904eae708f6ab256d015cd7cea6de4dc38089e11b4a34639aea19855d5b Loading...

	team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw==	6.1 kB	2024-03-28	2024-03-28
Pretty URL team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw== IP 5.230.44.183 ASN #12586 GHOSTnet GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-28 17:14:45 Last Seen2024-03-28 17:14:45 Times Seen1 Hash c117dcb90fbbb39137ef5dabec27afe4 281dd611031303f70eabbb8f1a49213683108af9 c0de1232f58f5d00a27e1eb8de1aa7de8425712c8ed6cd0b53133a8657ad1819 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 78e0618a303e6b58f81d66d36eea564f	28 B	2024-03-28	2024-03-28
Pretty Observations First Seen2024-03-28 17:14:45 Last Seen2024-03-28 17:14:45 Times Seen1 Hash 78e0618a303e6b58f81d66d36eea564f 32ec4a5ae07749fcd8af860db3876e50736c518f 7b12b32744bbe73d159a3c2b94e7fd56974bd2f952381883377e634fd6206c6f Loading...

	#2 Eval - 190ef4edaf4aba9ce6829ea860b2cb65	61 B	2024-03-22	2024-04-04
Pretty Observations First Seen2024-03-22 10:35:33 Last Seen2024-04-04 15:56:11 Times Seen1815 Hash 190ef4edaf4aba9ce6829ea860b2cb65 84010fdde06dc04427d11aafdf4ba6495e14eff8 0334ef3ce9e77db17376ce3e320fe96b901743f1baa1096cc4066922ac672f8c Loading...

	#3 Eval - b188273ac02b1b66d15ccef9266c63dc	28 B	2024-03-28	2024-03-28
Pretty Observations First Seen2024-03-28 17:14:45 Last Seen2024-03-28 17:14:45 Times Seen1 Hash b188273ac02b1b66d15ccef9266c63dc b2944769693737067303997ae5ed203920aaf244 f26a337eeab363f59cba9e47221b3707b9aeb670db53ce36aa7a73b03b4ec387 Loading...

	#4 Eval - d9bf3f7b219aa8719a71a2133564fad7	28 B	2024-03-28	2024-03-28
Pretty Observations First Seen2024-03-28 17:14:45 Last Seen2024-03-28 17:14:45 Times Seen1 Hash d9bf3f7b219aa8719a71a2133564fad7 64c86d7c4c33fe36515354ea19a1c8eb70b799b9 6cc01330cd7311c4e84db9dc047b1e32ab2a93058dca4e58690194cd62e7e16b Loading...

	#5 Eval - 438b8637675896fbd75b676d0d79af68	28 B	2024-03-28	2024-03-28
Pretty Observations First Seen2024-03-28 17:14:45 Last Seen2024-03-28 17:14:45 Times Seen1 Hash 438b8637675896fbd75b676d0d79af68 41b8885ec8fc4cc518cc52a98817c15e55d5a87a cbc9e28fcbfcb2d87881a9496f174955000629ebeaff3d028782a17fc8a9ce90 Loading...

	#6 Eval - f52c1e39955a5ced4e26685bd561aaa2	28 B	2024-03-28	2024-03-28
Pretty Observations First Seen2024-03-28 17:14:45 Last Seen2024-03-28 17:14:45 Times Seen1 Hash f52c1e39955a5ced4e26685bd561aaa2 116494d2009178f623e51b7f3d370b9d7d09d493 95da311cbf19bba93383d8564985fc6a2b60467b6e769851aae35e8c28c81c5c Loading...

	#7 Eval - 8e4d116db2e0aa3b8812720fc6ae9da4	142 B	2024-03-22	2024-04-04
Pretty Observations First Seen2024-03-22 10:35:33 Last Seen2024-04-04 15:31:47 Times Seen416 Hash 8e4d116db2e0aa3b8812720fc6ae9da4 bd3a79ffc4501da14fdfc3cb51f0185984072853 555fd19ad506586f1856d7fe16b3643aacfc19d361dd516154a23bb360c0aef7 Loading...

	#8 Eval - 91b4cb2451ab22d8b9956186f7b1b5dc	28 B	2024-03-28	2024-03-28
Pretty Observations First Seen2024-03-28 17:14:45 Last Seen2024-03-28 17:14:45 Times Seen1 Hash 91b4cb2451ab22d8b9956186f7b1b5dc 86e0ae42e47a7454dcd41d39c0768af8b0e55265 fe3b7ab84ce165af0364e97e2e70f9ddc73b84969527c0082226aa5a996cb43d Loading...

	#9 Eval - f500df7b5cdfd876272123e32c3816a8	28 B	2024-03-28	2024-03-28
Pretty Observations First Seen2024-03-28 17:14:45 Last Seen2024-03-28 17:14:45 Times Seen1 Hash f500df7b5cdfd876272123e32c3816a8 00301eb17e7e65964d358bc572a47eb33f695648 39aecbb59e10ed83f856305f560f00cfb159622850ec8f0f069d92561c9dc428 Loading...

	#10 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-04-27
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-27 20:27:07 Times Seen350227 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#11 Eval - f14bd4145c7d09f6149e38ddffdb3b28	28 B	2024-03-28	2024-03-28
Pretty Observations First Seen2024-03-28 17:14:45 Last Seen2024-03-28 17:14:45 Times Seen1 Hash f14bd4145c7d09f6149e38ddffdb3b28 c17af50dda21590548125255095db86ce61c3636 0694d9aa12fbaf878c235e1bf58035d24adcf9a69359c41698bd8f10405af2f5 Loading...

	#12 Eval - 7018ead241bd84a4f007bb60cebdb647	28 B	2024-03-28	2024-03-28
Pretty Observations First Seen2024-03-28 17:14:45 Last Seen2024-03-28 17:14:45 Times Seen1 Hash 7018ead241bd84a4f007bb60cebdb647 e3ed825a12e7c8eae793ec48054811ba56d79763 406f3b2cf74a5032d142c715edf4bbd15c503738c39b85f94ff8e07573237c82 Loading...

	#13 Eval - 95df95e45ce0555e944f513cedd5e56c	28 B	2024-03-28	2024-03-28
Pretty Observations First Seen2024-03-28 17:14:45 Last Seen2024-03-28 17:14:45 Times Seen1 Hash 95df95e45ce0555e944f513cedd5e56c 4cb1cda911d15d5b5cc4d839f7246a1f0767732d 8868889ae03310aec61e22a39b671aa4a163345c0f2430362aee220186956469 Loading...

	#14 Eval - 4ed5bec7c7da06ca51f09c9d75d7de29	28 B	2024-03-28	2024-03-28
Pretty Observations First Seen2024-03-28 17:14:45 Last Seen2024-03-28 17:14:45 Times Seen1 Hash 4ed5bec7c7da06ca51f09c9d75d7de29 bbe2ae65a2a01b99055f70569f9c0a53599d3bff fea531819b5ece0acd17917a6a659a76c5f503a5ccd0163e9bb643e1fad94cb2 Loading...

HTTP Transactions (15)

URL IP Response Size

mkonsusgc.andrewyuscammer.com/bWFyY3VzLmthZWxsZXJAYWZmaWRlYS5jb20=

69.49.245.172

1.9 kB

URL
mkonsusgc.andrewyuscammer.com/bWFyY3VzLmthZWxsZXJAYWZmaWRlYS5jb20=
IP
69.49.245.172:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
HTML document, ASCII text, with very long lines (1753), with CRLF line terminators
Size
1.9 kB (1940 bytes)
Hash
e8c69dca0a6068b538697ccb2c837221
5ffc9119704141f21d725c3f4966718ea1aac94a
1718812114ec5b532e8a819ace1bd5a2da6ab4e57bf8819bffc4216fe52cc1df

HTTP Headers

GET /bWFyY3VzLmthZWxsZXJAYWZmaWRlYS5jb20= HTTP/1.1
Host: mkonsusgc.andrewyuscammer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:14:12 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback

104.17.2.184

0 B

URL
challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 28 Mar 2024 16:14:14 GMT
content-length: 0
cache-control: max-age=300, public
access-control-allow-origin: *
location: /turnstile/v0/g/dc6b543c1346/api.js?onload=onloadTurnstileCallback
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b8e979dc140b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/86b8e97a8abeb515/1711642454472/sRxdBKQ7D2-lcEP

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/86b8e97a8abeb515/1711642454472/sRxdBKQ7D2-lcEP
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 96 x 19, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
732da570735e5b5282d7febb8a416e33
69c80847252717756b0e3379a8f78bee52a19469
35b53820b238543e230200b4571f14c770a41caddb7f3ea9778030cf989652fe

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/86b8e97a8abeb515/1711642454472/sRxdBKQ7D2-lcEP HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yeegj/0x4AAAAAAAVwNp71xtt5bDOJ/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 16:14:14 GMT
content-type: image/png
server: cloudflare
cf-ray: 86b8e97f6f62b515-OSL
alt-svc: h3=":443"; ma=86400

team-telstra.co/?qrc=marcus.kaeller%40affidea.com

5.230.44.183

302 Moved Temporarily

0 B

URL GET HTTP/1.1
team-telstra.co/?qrc=marcus.kaeller%40affidea.com
IP
5.230.44.183:443
ASN
#12586 GHOSTnet GmbH

Requested by
https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com
Certificate
IssuerLet's Encrypt
Subjectteam-telstra.co
Fingerprint21:C5:E7:71:3E:A7:ED:21:00:49:3B:9D:4F:49:33:26:C6:52:C0:7B
ValidityWed, 27 Mar 2024 13:17:29 GMT - Tue, 25 Jun 2024 13:17:28 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /?qrc=marcus.kaeller%40affidea.com HTTP/1.1
Host: team-telstra.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/
DNT: 1
Connection: keep-alive
Cookie: qPdM=XVJKhoQqZV5e; qPdM.sig=w8tX0u5qeQGX3ASAQAq2DDbmZtM
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache
Pragma: no-cache
Location: https://team-telstra.co/owa/?login_hint=marcus.kaeller%40affidea.com
Server: Microsoft-IIS/10.0
request-id: 409abbc2-7376-1d75-1ded-4687e9149517
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-FEServer: FR4P281CA0415, FR4P281CA0415
X-RequestId: 3c8ee817-5470-45dc-aa89-850f6a23d41c
X-FEProxyInfo: FR4P281CA0415.DEUP281.PROD.OUTLOOK.COM
X-FEEFZInfo: FRA
MS-CV: wruaQHZzdR0d7UaH6RSVFw.0
X-Powered-By: ASP.NET
Date: Thu, 28 Mar 2024 16:14:20 GMT
Connection: close
Content-Length: 0
Content-Security-Policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval';  script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

team-telstra.co/owa/?login_hint=marcus.kaeller%40affidea.com

5.230.44.183

302 Found

1.4 kB

URL GET HTTP/1.1
team-telstra.co/owa/?login_hint=marcus.kaeller%40affidea.com
IP
5.230.44.183:443
ASN
#12586 GHOSTnet GmbH

Requested by
https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com
Certificate
IssuerLet's Encrypt
Subjectteam-telstra.co
Fingerprint21:C5:E7:71:3E:A7:ED:21:00:49:3B:9D:4F:49:33:26:C6:52:C0:7B
ValidityWed, 27 Mar 2024 13:17:29 GMT - Tue, 25 Jun 2024 13:17:28 GMT

File type
HTML document, ASCII text, with very long lines (794), with CRLF, LF line terminators
Size
1.4 kB (1374 bytes)
Hash
757c35f998ce50b6ad9d52b788ca37e5
1dc1961b88eae797fc195d9e9aea27464daa16fb
89d91f3f978eb35cbba7d1d4f0496f16556ada1f982452770819daea2393bcd4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /owa/?login_hint=marcus.kaeller%40affidea.com HTTP/1.1
Host: team-telstra.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/
DNT: 1
Connection: keep-alive
Cookie: qPdM=XVJKhoQqZV5e; qPdM.sig=w8tX0u5qeQGX3ASAQAq2DDbmZtM
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
content-length: 1374
Content-Type: text/html; charset=utf-8
Location: https://team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZwcm90ZWN0ZWR0b2tlbj10cnVlJmNsYWltcz0lN2IlMjJpZF90b2tlbiUyMiUzYSU3YiUyMnhtc19jYyUyMiUzYSU3YiUyMnZhbHVlcyUyMiUzYSU1YiUyMkNQMSUyMiU1ZCU3ZCU3ZCU3ZCZub25jZT02Mzg0NzIzOTI2MDk1NzYzODYuMzE3MjRmYWQtNTQ5YS00YTk0LWFlMDYtZDM0YjhlZGJkZDc0JnN0YXRlPUZZdEJEc0lnRUFCQjMtSnhLY0lXeXNINEZMUHRMa3FrSmFrYXZ5OGVacEk1akZaS0hUdUhqclpkS2dZX1lYUS11V0RULUs5Z19EazZ6TVF3WWlKQVNnZ2tOZ0I3bkNmaG1UbWk3aThNN1V2RHRiWjcyVzZQc3IwdkstM0w1MldlSkxYS2ZrSkxPUmNXTWt0YmZ3
Server: Microsoft-IIS/10.0
request-id: a9b1e6bc-6a32-ce3b-1a2e-f99f15e70107
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Alt-Svc: h3=":443",h3-29=":443"
X-CalculatedFETarget: FR3P281CU011.internal.outlook.com
X-BackEndHttpStatus: 302, 302
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: ClientId=D5613D4490B342F196FF111F449DCDC8; expires=Fri, 28-Mar-2025 16:14:20 GMT; path=/;SameSite=None; secure
ClientId=D5613D4490B342F196FF111F449DCDC8; expires=Fri, 28-Mar-2025 16:14:20 GMT; path=/;SameSite=None; secure
OIDC=1; expires=Sat, 28-Sep-2024 16:14:20 GMT; path=/;SameSite=None; secure; HttpOnly
RoutingKeyCookie=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.token.v1=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.token.v1=; domain=team-telstra.co; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.id_token.v1=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.code.v1=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.idp_nonce.v1=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.idp_correlation_id=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.tokenPostPath=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.id_token.v1=; domain=team-telstra.co; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.code.v1=; domain=team-telstra.co; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.idp_nonce.v1=; domain=team-telstra.co; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.idp_correlation_id=; domain=team-telstra.co; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.tokenPostPath=; domain=team-telstra.co; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.nonce.v3.g8kQB4PdEKLOim_Et32TvjydfxoAz5hnkMCLARR8zC8=638472392609576386.31724fad-549a-4a94-ae06-d34b8edbdd74; expires=Thu, 28-Mar-2024 17:14:20 GMT; path=/;SameSite=None; secure; HttpOnly
HostSwitchPrg=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OptInPrg=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
SuiteServiceProxyKey=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
ClientId=D5613D4490B342F196FF111F449DCDC8; expires=Fri, 28-Mar-2025 16:14:20 GMT; path=/;SameSite=None; secure
OIDC=1; expires=Sat, 28-Sep-2024 16:14:20 GMT; path=/;SameSite=None; secure; HttpOnly
RoutingKeyCookie=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.token.v1=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.token.v1=; domain=team-telstra.co; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.id_token.v1=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.code.v1=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.idp_nonce.v1=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.idp_correlation_id=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.tokenPostPath=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.id_token.v1=; domain=team-telstra.co; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.code.v1=; domain=team-telstra.co; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.idp_nonce.v1=; domain=team-telstra.co; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.idp_correlation_id=; domain=team-telstra.co; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.tokenPostPath=; domain=team-telstra.co; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.nonce.v3.g8kQB4PdEKLOim_Et32TvjydfxoAz5hnkMCLARR8zC8=638472392609576386.31724fad-549a-4a94-ae06-d34b8edbdd74; expires=Thu, 28-Mar-2024 17:14:20 GMT; path=/;SameSite=None; secure; HttpOnly
HostSwitchPrg=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OptInPrg=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
SuiteServiceProxyKey=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
X-OWA-RedirectHistory=ArLym14BwjVjIEJP3Ag; expires=Thu, 28-Mar-2024 22:16:20 GMT; path=/;SameSite=None; secure; HttpOnly
X-CalculatedBETarget: FR3P281MB3216.DEUP281.PROD.OUTLOOK.COM
X-RUM-Validated: 1
X-RUM-NotUpdateQueriedPath: 1
X-RUM-NotUpdateQueriedDbCopy: 1
X-BeSku: WCS7
X-OWA-DiagnosticsInfo: 3;0;0
X-IIDs: 0
X-BackEnd-Begin: 2024-03-28T16:14:20.957
X-BackEnd-End: 2024-03-28T16:14:20.957
X-DiagInfo: FR3P281MB3216
X-BEServer: FR3P281MB3216
X-UA-Compatible: IE=EmulateIE7
X-Proxy-RoutingCorrectness: 1
X-Proxy-BackendServerStatus: 302
X-FEProxyInfo: FR4P281CA0418.DEUP281.PROD.OUTLOOK.COM
X-FEEFZInfo: FRA
X-FEServer: FR3P281CA0170, FR4P281CA0418
NEL: {"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
X-FirstHopCafeEFZ: FRA
Date: Thu, 28 Mar 2024 16:14:20 GMT
Connection: close
Content-Security-Policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval';  script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1661522383:1711638789:lyOHdHKpQci6GcCLfQU-JnwL2_OGJdkyp1wEHLc6zSA/86b8e97a8abeb515/a39210922ca818c

104.17.2.184

12 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1661522383:1711638789:lyOHdHKpQci6GcCLfQU-JnwL2_OGJdkyp1wEHLc6zSA/86b8e97a8abeb515/a39210922ca818c
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3496), with no line terminators
Size
12 kB (12295 bytes)
Hash
a2ea5714be54269adcb005c2e022d5d0
bb5c5baa500993f4b130b78492034a6fc959bce9
60118b657046e114c904c78f5db5ffe72f7427b30e1ff86deb5f209bacb400e6

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1661522383:1711638789:lyOHdHKpQci6GcCLfQU-JnwL2_OGJdkyp1wEHLc6zSA/86b8e97a8abeb515/a39210922ca818c HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yeegj/0x4AAAAAAAVwNp71xtt5bDOJ/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: a39210922ca818c
Content-Length: 35442
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 16:14:19 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: NZYGGF/yIh8ST+bz4lanKbcD05bijcp6j4aSDJYoRnjWnZSORgAFIXH87qYS6hGAprKfwKJ+zupp+y0pCcSblL2G+6/fnpzV4AffZQhh0psNO8vNIhyWDD99HkW/DUMy$KB2HcKMvgktr69ulLCkWeg==
cf-chl-out-s: vavjgTRbb79HmJWB5zoafrswaYyRNhqLUsFfgis1noyap7Kt6nCajyDFZxbua5uSwU5/J+bcr70lfG1t8OpGgBBmGi1q8i6xDQxE5SIN67eh5jQ0aKX206lwt5EBqscyhc/AIQ7upPKEP6wLVGXSqQ1u2g3ZoHpgOJKt0VQHYk+I9zRJiAzdOpbOHXSyjObAD2IrF80dTJXlQtTirtLMMq7WMn5rW+GQS7s/zn81l0Q6QIX+KfCbywHTFrEfzPOLuVEsFDdKmiqE1P3NWUTP38oouhmCuTIOhoMdc+sJupPUVJzrYEPEXt/YiMuwRLkZgO0gudNGEPxRLtJxZHEdlMJ5X8TeH3KDwpxO6KEPYCiDq2GtLi5lBRARuPKU29eK+TkhiHrbtu0YIZXQzasaHMhpF2qd1oTy6t08TUBvx5moUfHsMHDpIxZTHeQA+rcHHazOb6IQ2Omia6DSJ1RNVyjQCT2LkjGngtxqyzxcp9srYhFBjNxxOrCS+WTpZsn5PD+IFMcOU0oS66bhyYSAoVSCm6n72U08AzuF/95Nvl2r0JPfGVZsHpSneagyWY0dCMoOHeTBaIXqlB1oUU5UtSw23zlURswbk9/IXmfbFCMVVQ9c3+GA1zMVw33TaCA1$yiXbLkYX6tDoKpQ3qAT5nQ==
server: cloudflare
cf-ray: 86b8e99e5b26b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZwcm90ZWN0ZWR0b2tlbj10cnVlJmNsYWltcz0lN2IlMjJpZF90b2tlbiUyMiUzYSU3YiUyMnhtc19jYyUyMiUzYSU3YiUyMnZhbHVlcyUyMiUzYSU1YiUyMkNQMSUyMiU1ZCU3ZCU3ZCU3ZCZub25jZT02Mzg0NzIzOTI2MDk1NzYzODYuMzE3MjRmYWQtNTQ5YS00YTk0LWFlMDYtZDM0YjhlZGJkZDc0JnN0YXRlPUZZdEJEc0lnRUFCQjMtSnhLY0lXeXNINEZMUHRMa3FrSmFrYXZ5OGVacEk1akZaS0hUdUhqclpkS2dZX1lYUS11V0RULUs5Z19EazZ6TVF3WWlKQVNnZ2tOZ0I3bkNmaG1UbWk3aThNN1V2RHRiWjcyVzZQc3IwdkstM0w1MldlSkxYS2ZrSkxPUmNXTWt0YmZ3

5.230.44.183

302 Found

7.5 kB

URL GET HTTP/1.1
team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZwcm90ZWN0ZWR0b2tlbj10cnVlJmNsYWltcz0lN2IlMjJpZF90b2tlbiUyMiUzYSU3YiUyMnhtc19jYyUyMiUzYSU3YiUyMnZhbHVlcyUyMiUzYSU1YiUyMkNQMSUyMiU1ZCU3ZCU3ZCU3ZCZub25jZT02Mzg0NzIzOTI2MDk1NzYzODYuMzE3MjRmYWQtNTQ5YS00YTk0LWFlMDYtZDM0YjhlZGJkZDc0JnN0YXRlPUZZdEJEc0lnRUFCQjMtSnhLY0lXeXNINEZMUHRMa3FrSmFrYXZ5OGVacEk1akZaS0hUdUhqclpkS2dZX1lYUS11V0RULUs5Z19EazZ6TVF3WWlKQVNnZ2tOZ0I3bkNmaG1UbWk3aThNN1V2RHRiWjcyVzZQc3IwdkstM0w1MldlSkxYS2ZrSkxPUmNXTWt0YmZ3
IP
5.230.44.183:443
ASN
#12586 GHOSTnet GmbH

Requested by
https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com
Certificate
IssuerLet's Encrypt
Subjectteam-telstra.co
Fingerprint21:C5:E7:71:3E:A7:ED:21:00:49:3B:9D:4F:49:33:26:C6:52:C0:7B
ValidityWed, 27 Mar 2024 13:17:29 GMT - Tue, 25 Jun 2024 13:17:28 GMT

File type
HTML document, ASCII text, with very long lines (1166), with CRLF, LF line terminators
Size
7.5 kB (7538 bytes)
Hash
80bd9a693956301f83c170c7f22746ed
443b45699171546f9ed0bc7496def85ab527d640
074c6843ea81e0dd8f4216f3e327dd08ef12b1c5294b5cbef489c580f0aaa939

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZwcm90ZWN0ZWR0b2tlbj10cnVlJmNsYWltcz0lN2IlMjJpZF90b2tlbiUyMiUzYSU3YiUyMnhtc19jYyUyMiUzYSU3YiUyMnZhbHVlcyUyMiUzYSU1YiUyMkNQMSUyMiU1ZCU3ZCU3ZCU3ZCZub25jZT02Mzg0NzIzOTI2MDk1NzYzODYuMzE3MjRmYWQtNTQ5YS00YTk0LWFlMDYtZDM0YjhlZGJkZDc0JnN0YXRlPUZZdEJEc0lnRUFCQjMtSnhLY0lXeXNINEZMUHRMa3FrSmFrYXZ5OGVacEk1akZaS0hUdUhqclpkS2dZX1lYUS11V0RULUs5Z19EazZ6TVF3WWlKQVNnZ2tOZ0I3bkNmaG1UbWk3aThNN1V2RHRiWjcyVzZQc3IwdkstM0w1MldlSkxYS2ZrSkxPUmNXTWt0YmZ3 HTTP/1.1
Host: team-telstra.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/
DNT: 1
Connection: keep-alive
Cookie: qPdM=XVJKhoQqZV5e; qPdM.sig=w8tX0u5qeQGX3ASAQAq2DDbmZtM; ClientId=D5613D4490B342F196FF111F449DCDC8; OIDC=1; OpenIdConnect.nonce.v3.g8kQB4PdEKLOim_Et32TvjydfxoAz5hnkMCLARR8zC8=638472392609576386.31724fad-549a-4a94-ae06-d34b8edbdd74; X-OWA-RedirectHistory=ArLym14BwjVjIEJP3Ag
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Location: https://team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw==
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: d187b862-11ef-4b0b-84e4-af0a253d3d00
x-ms-ests-server: 2.1.17615.11 - NEULR1 ProdSlices
x-ms-srs: 1.P
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: buid=0.AS8AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8qlF1iMQrUv3_4PCdmVGOqbekAoscMO8J_w_EGZXhNlEhZg5OjcYKyeD3TJd2JRZrp-mh9ocD1EuY2OnflP5XLKVM0aT0CrTlt4r-xPk2AVggAA; expires=Sat, 27-Apr-2024 16:14:21 GMT; path=/; secure; HttpOnly; SameSite=None
fpc=Ajvwg_cJlcZJp7EGOoTtMYGerOTJAQAAAFyOl90OAAAA; expires=Sat, 27-Apr-2024 16:14:21 GMT; path=/; secure; HttpOnly; SameSite=None
esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8q7c7AapBB1VBo6zreGKrjveBn70-giNKJPXOb4Eh6uMSakjOeXbzr_TX3Xy2LHtQ_9lEERcVVCzFlc0V8RD9iH-yPm6GfLaFIaJAECGk3WY65TDLmFJ4-qN05Oqu1Zto20UNtw4SriS1oyASNpHMMDbtorXBG4kuTr4-k_ySirYgAA; domain=team-telstra.co; path=/; secure; HttpOnly; SameSite=None
cltm=CgAQABoAIgQIDBAF; domain=team-telstra.co; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Date: Thu, 28 Mar 2024 16:14:21 GMT
Connection: close
content-length: 1667
Content-Security-Policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval';  script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=86b8e97a8abeb515

104.17.2.184

152 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=86b8e97a8abeb515
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
152 kB (152372 bytes)
Hash
6e28e1a30624975c07fe0a0b90dd0882
5f9616adc5fbeb3e242a96ab8f7eae8214bf1c5b
16f0ed4c489ccb96d7c1b6464b2804a927f447fbaa41b25e6906b72220b7faf1

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=86b8e97a8abeb515 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yeegj/0x4AAAAAAAVwNp71xtt5bDOJ/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 16:14:14 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 86b8e97afb1fb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

team-telstra.co/adfs/portal/logo/logo.png?id=525B366874D245C08465CB69C72EC1DEAD3284B4E9ED3F1322B9DB84256EE934

5.230.44.183

503 Service Unavailable

24 kB

URL GET HTTP/1.1
team-telstra.co/adfs/portal/logo/logo.png?id=525B366874D245C08465CB69C72EC1DEAD3284B4E9ED3F1322B9DB84256EE934
IP
5.230.44.183:443
ASN
#12586 GHOSTnet GmbH

Requested by
https://team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw==
Certificate
IssuerLet's Encrypt
Subjectteam-telstra.co
Fingerprint21:C5:E7:71:3E:A7:ED:21:00:49:3B:9D:4F:49:33:26:C6:52:C0:7B
ValidityWed, 27 Mar 2024 13:17:29 GMT - Tue, 25 Jun 2024 13:17:28 GMT

File type
HTML document, ASCII text, with very long lines (23894)
Size
24 kB (24541 bytes)
Hash
ef46954299f604ac524a35bbd589cf09
f70f46d4d3d2c598310d9d64a48a39447131f9d7
d91932e6097db6965cf6842683198291866d8f7b4ac8d5aaee8e137cdb09cfb7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /adfs/portal/logo/logo.png?id=525B366874D245C08465CB69C72EC1DEAD3284B4E9ED3F1322B9DB84256EE934 HTTP/1.1
Host: team-telstra.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw==
Cookie: qPdM=XVJKhoQqZV5e; qPdM.sig=w8tX0u5qeQGX3ASAQAq2DDbmZtM; ClientId=D5613D4490B342F196FF111F449DCDC8; OIDC=1; OpenIdConnect.nonce.v3.g8kQB4PdEKLOim_Et32TvjydfxoAz5hnkMCLARR8zC8=638472392609576386.31724fad-549a-4a94-ae06-d34b8edbdd74; X-OWA-RedirectHistory=ArLym14BwjVjIEJP3Ag; buid=0.AS8AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8qlF1iMQrUv3_4PCdmVGOqbekAoscMO8J_w_EGZXhNlEhZg5OjcYKyeD3TJd2JRZrp-mh9ocD1EuY2OnflP5XLKVM0aT0CrTlt4r-xPk2AVggAA; fpc=Ajvwg_cJlcZJp7EGOoTtMYGerOTJAQAAAFyOl90OAAAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8q7c7AapBB1VBo6zreGKrjveBn70-giNKJPXOb4Eh6uMSakjOeXbzr_TX3Xy2LHtQ_9lEERcVVCzFlc0V8RD9iH-yPm6GfLaFIaJAECGk3WY65TDLmFJ4-qN05Oqu1Zto20UNtw4SriS1oyASNpHMMDbtorXBG4kuTr4-k_ySirYgAA; cltm=CgAQABoAIgQIDBAF; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 503 Service Unavailable
Date: Thu Mar 28 16:14:32 2024 GMT
content-length: 24541
Connection: close
Content-Type: text/html
Content-Security-Policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval';  script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

team-telstra.co/adfs/portal/illustration/illustration.png?id=E19950A6AEE57AB072D7EBCE0BA063EDC728FCA5949F23EE34C72913B126A68D

5.230.44.183

200 OK

579 kB

URL GET HTTP/1.1
team-telstra.co/adfs/portal/illustration/illustration.png?id=E19950A6AEE57AB072D7EBCE0BA063EDC728FCA5949F23EE34C72913B126A68D
IP
5.230.44.183:443
ASN
#12586 GHOSTnet GmbH

Requested by
https://team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw==
Certificate
IssuerLet's Encrypt
Subjectteam-telstra.co
Fingerprint21:C5:E7:71:3E:A7:ED:21:00:49:3B:9D:4F:49:33:26:C6:52:C0:7B
ValidityWed, 27 Mar 2024 13:17:29 GMT - Tue, 25 Jun 2024 13:17:28 GMT

File type
PNG image data, 1420 x 1080, 8-bit colormap, non-interlaced
Size
579 kB (578892 bytes)
Hash
8a0b283f38d25a4b5740ce2e56cac392
9535d332f2b10accc91075d2d5f6096a80f14198
e19950a6aee57ab072d7ebce0ba063edc728fca5949f23ee34c72913b126a68d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /adfs/portal/illustration/illustration.png?id=E19950A6AEE57AB072D7EBCE0BA063EDC728FCA5949F23EE34C72913B126A68D HTTP/1.1
Host: team-telstra.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw==
Cookie: qPdM=XVJKhoQqZV5e; qPdM.sig=w8tX0u5qeQGX3ASAQAq2DDbmZtM; ClientId=D5613D4490B342F196FF111F449DCDC8; OIDC=1; OpenIdConnect.nonce.v3.g8kQB4PdEKLOim_Et32TvjydfxoAz5hnkMCLARR8zC8=638472392609576386.31724fad-549a-4a94-ae06-d34b8edbdd74; X-OWA-RedirectHistory=ArLym14BwjVjIEJP3Ag; buid=0.AS8AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8qlF1iMQrUv3_4PCdmVGOqbekAoscMO8J_w_EGZXhNlEhZg5OjcYKyeD3TJd2JRZrp-mh9ocD1EuY2OnflP5XLKVM0aT0CrTlt4r-xPk2AVggAA; fpc=Ajvwg_cJlcZJp7EGOoTtMYGerOTJAQAAAFyOl90OAAAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8q7c7AapBB1VBo6zreGKrjveBn70-giNKJPXOb4Eh6uMSakjOeXbzr_TX3Xy2LHtQ_9lEERcVVCzFlc0V8RD9iH-yPm6GfLaFIaJAECGk3WY65TDLmFJ4-qN05Oqu1Zto20UNtw4SriS1oyASNpHMMDbtorXBG4kuTr4-k_ySirYgAA; cltm=CgAQABoAIgQIDBAF; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 578892
Content-Type: image/png
Expires: Sat, 27 Apr 2024 15:14:32 GMT
ETag: E19950A6AEE57AB072D7EBCE0BA063EDC728FCA5949F23EE34C72913B126A68D
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:
Date: Thu, 28 Mar 2024 16:14:32 GMT
Connection: close
Set-Cookie: cookiesession1=678A3F0DC5B282EC9A097DEB64CF51CB;Expires=Fri, 28 Mar 2025 16:14:32 GMT;Path=/
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com

172.67.157.35

200 OK

1.2 kB

URL User Request POST HTTP/3
df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com
IP
172.67.157.35:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subject495f115f35e2dc7a881a80b8.workers.dev
Fingerprint1E:2A:8A:18:DD:E8:CE:FD:78:49:48:79:71:CD:9F:61:21:F5:E0:F9
ValidityThu, 14 Mar 2024 18:23:37 GMT - Wed, 12 Jun 2024 18:23:36 GMT

File type
HTML document, ASCII text, with very long lines (1186), with no line terminators
Size
1.2 kB (1166 bytes)
Hash
549ca0d048dd36074f4b64cdbc3ae2b5
803e67dab4e6a9b251bf3a7c74b3f73ae3d1004e
a2d29e9d76cc08ab7da03ad56625365d4a79a3ac11ae389b34bb5eb0bf0de873

HTTP Headers

POST /?qrc=marcus.kaeller@affidea.com HTTP/1.1
Host: df34d9fc.495f115f35e2dc7a881a80b8.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 582
Origin: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 28 Mar 2024 16:14:20 GMT
content-type: text/html;
status: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l1UVXpwaL0B3BL%2Fqr2YpnkTVc3g%2BgLHvb0%2FYw63pLW%2FcpXkzr6EHH44riBKUDcMjlbDd6DckJqUpm8wwm9d5HEtADhcfbKl%2BB0zpvB1ASiHWkbCo4vnc%2F2QE9raM%2BBUSZSmKtkjcB8r%2FiRf3X%2Fzg1khxCuUdwYnF03H4mLmZXh4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b8e99eea0b5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

team-telstra.co/?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3RlYW0tdGVsc3RyYS5jbyIsImRvbWFpbiI6InRlYW0tdGVsc3RyYS5jbyIsImtleSI6IlhWSktob1FxWlY1ZSIsInFyYyI6Im1hcmN1cy5rYWVsbGVyQGFmZmlkZWEuY29tIiwiaWF0IjoxNzExNjQyNDYwLCJleHAiOjE3MTE2NDI1ODB9.fnCAnzXzvaFKAGh-5y7STPrPJ4RKw08Sfb437M257m8

5.230.44.183

302 Found

21 kB

URL GET HTTP/1.1
team-telstra.co/?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3RlYW0tdGVsc3RyYS5jbyIsImRvbWFpbiI6InRlYW0tdGVsc3RyYS5jbyIsImtleSI6IlhWSktob1FxWlY1ZSIsInFyYyI6Im1hcmN1cy5rYWVsbGVyQGFmZmlkZWEuY29tIiwiaWF0IjoxNzExNjQyNDYwLCJleHAiOjE3MTE2NDI1ODB9.fnCAnzXzvaFKAGh-5y7STPrPJ4RKw08Sfb437M257m8
IP
5.230.44.183:443
ASN
#12586 GHOSTnet GmbH

Requested by
https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com
Certificate
IssuerLet's Encrypt
Subjectteam-telstra.co
Fingerprint21:C5:E7:71:3E:A7:ED:21:00:49:3B:9D:4F:49:33:26:C6:52:C0:7B
ValidityWed, 27 Mar 2024 13:17:29 GMT - Tue, 25 Jun 2024 13:17:28 GMT

File type

Size
21 kB (20733 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3RlYW0tdGVsc3RyYS5jbyIsImRvbWFpbiI6InRlYW0tdGVsc3RyYS5jbyIsImtleSI6IlhWSktob1FxWlY1ZSIsInFyYyI6Im1hcmN1cy5rYWVsbGVyQGFmZmlkZWEuY29tIiwiaWF0IjoxNzExNjQyNDYwLCJleHAiOjE3MTE2NDI1ODB9.fnCAnzXzvaFKAGh-5y7STPrPJ4RKw08Sfb437M257m8 HTTP/1.1
Host: team-telstra.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Set-Cookie: qPdM=XVJKhoQqZV5e; path=/; samesite=none; secure; httponly
qPdM.sig=w8tX0u5qeQGX3ASAQAq2DDbmZtM; path=/; samesite=none; secure; httponly
location: /?qrc=marcus.kaeller%40affidea.com
Date: Thu, 28 Mar 2024 16:14:20 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/favicon.ico

172.67.157.35

200 OK

3.3 kB

URL GET HTTP/3
df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/favicon.ico
IP
172.67.157.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com
Certificate
IssuerGoogle Trust Services LLC
Subject495f115f35e2dc7a881a80b8.workers.dev
Fingerprint1E:2A:8A:18:DD:E8:CE:FD:78:49:48:79:71:CD:9F:61:21:F5:E0:F9
ValidityThu, 14 Mar 2024 18:23:37 GMT - Wed, 12 Jun 2024 18:23:36 GMT

File type
HTML document, ASCII text, with very long lines (3271), with no line terminators
Size
3.3 kB (3255 bytes)
Hash
d2fb2b25bcfe15104dea88e56cb414c3
eb08d90afb2405328059400dbe3f0a7f47531a40
d8f30fb56272a60722051bca5135e030e0a9f8eb0f8a6d68dc080663e866debd

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: df34d9fc.495f115f35e2dc7a881a80b8.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 28 Mar 2024 16:14:20 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jgolEvvpRD8yVjG8ml8bm85suDwKUwi8r8ud8zjcELO%2B81M4%2FYJMrjKJYPaGUFdlUR%2B5zNf%2BRvyHCJUlMgX5J9AT0xtUUzecadUtWGfgesx3nDOg1pJ5dsN4L8fZnCulJJ6s2ZVCz2zXmBwiGLabJmDGWpI%2BytNJK0E8NGw1BIc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b8e9a25e225687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw==

5.230.44.183

200 OK

21 kB

URL GET HTTP/1.1
team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw==
IP
5.230.44.183:443
ASN
#12586 GHOSTnet GmbH

Requested by
https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com
Certificate
IssuerLet's Encrypt
Subjectteam-telstra.co
Fingerprint21:C5:E7:71:3E:A7:ED:21:00:49:3B:9D:4F:49:33:26:C6:52:C0:7B
ValidityWed, 27 Mar 2024 13:17:29 GMT - Tue, 25 Jun 2024 13:17:28 GMT

File type
JavaScript source, ASCII text, with very long lines (1166), with CRLF, LF line terminators
Size
21 kB (20733 bytes)
Hash
9530f5011ba7687a0e62caa54916b1bb
71765b318db4d464a6b1eaca40372831d54a9a43
d2422c2d4af7bf0b8020f99675815f0fc35a54228dd4d9874ac20382bb94f5ae

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw== HTTP/1.1
Host: team-telstra.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/
DNT: 1
Connection: keep-alive
Cookie: qPdM=XVJKhoQqZV5e; qPdM.sig=w8tX0u5qeQGX3ASAQAq2DDbmZtM; ClientId=D5613D4490B342F196FF111F449DCDC8; OIDC=1; OpenIdConnect.nonce.v3.g8kQB4PdEKLOim_Et32TvjydfxoAz5hnkMCLARR8zC8=638472392609576386.31724fad-549a-4a94-ae06-d34b8edbdd74; X-OWA-RedirectHistory=ArLym14BwjVjIEJP3Ag; buid=0.AS8AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8qlF1iMQrUv3_4PCdmVGOqbekAoscMO8J_w_EGZXhNlEhZg5OjcYKyeD3TJd2JRZrp-mh9ocD1EuY2OnflP5XLKVM0aT0CrTlt4r-xPk2AVggAA; fpc=Ajvwg_cJlcZJp7EGOoTtMYGerOTJAQAAAFyOl90OAAAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8q7c7AapBB1VBo6zreGKrjveBn70-giNKJPXOb4Eh6uMSakjOeXbzr_TX3Xy2LHtQ_9lEERcVVCzFlc0V8RD9iH-yPm6GfLaFIaJAECGk3WY65TDLmFJ4-qN05Oqu1Zto20UNtw4SriS1oyASNpHMMDbtorXBG4kuTr4-k_ySirYgAA; cltm=CgAQABoAIgQIDBAF; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval';  script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Date: Thu, 28 Mar 2024 16:14:21 GMT
Connection: close
Set-Cookie: cookiesession1=678A3F0DDEDD84110AB8BE1B36F561C4;Expires=Fri, 28 Mar 2025 16:14:21 GMT;Path=/
Transfer-Encoding: chunked
Content-Encoding: gzip

team-telstra.co/adfs/portal/css/style.css?id=0A13280A86E7DFA6949BD016EA848912FCAFC05E88CBEDF538AC325B27041205

5.230.44.183

200 OK

8.1 kB

URL GET HTTP/1.1
team-telstra.co/adfs/portal/css/style.css?id=0A13280A86E7DFA6949BD016EA848912FCAFC05E88CBEDF538AC325B27041205
IP
5.230.44.183:443
ASN
#12586 GHOSTnet GmbH

Requested by
https://team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw==
Certificate
IssuerLet's Encrypt
Subjectteam-telstra.co
Fingerprint21:C5:E7:71:3E:A7:ED:21:00:49:3B:9D:4F:49:33:26:C6:52:C0:7B
ValidityWed, 27 Mar 2024 13:17:29 GMT - Tue, 25 Jun 2024 13:17:28 GMT

File type
Unicode text, UTF-8 text, with very long lines (8958), with no line terminators
Size
8.1 kB (8144 bytes)
Hash
2de6fa5a4634c32cfe968a8891d9938a
2bd44a14321b0564a5e25ce5bcf26760aa68064c
8ff196cddc35bf6a497cca4d741d7c9bc351ebcc4da7da13b0b242186a8b52ef

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /adfs/portal/css/style.css?id=0A13280A86E7DFA6949BD016EA848912FCAFC05E88CBEDF538AC325B27041205 HTTP/1.1
Host: team-telstra.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw==
Cookie: qPdM=XVJKhoQqZV5e; qPdM.sig=w8tX0u5qeQGX3ASAQAq2DDbmZtM; ClientId=D5613D4490B342F196FF111F449DCDC8; OIDC=1; OpenIdConnect.nonce.v3.g8kQB4PdEKLOim_Et32TvjydfxoAz5hnkMCLARR8zC8=638472392609576386.31724fad-549a-4a94-ae06-d34b8edbdd74; X-OWA-RedirectHistory=ArLym14BwjVjIEJP3Ag; buid=0.AS8AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8qlF1iMQrUv3_4PCdmVGOqbekAoscMO8J_w_EGZXhNlEhZg5OjcYKyeD3TJd2JRZrp-mh9ocD1EuY2OnflP5XLKVM0aT0CrTlt4r-xPk2AVggAA; fpc=Ajvwg_cJlcZJp7EGOoTtMYGerOTJAQAAAFyOl90OAAAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8q7c7AapBB1VBo6zreGKrjveBn70-giNKJPXOb4Eh6uMSakjOeXbzr_TX3Xy2LHtQ_9lEERcVVCzFlc0V8RD9iH-yPm6GfLaFIaJAECGk3WY65TDLmFJ4-qN05Oqu1Zto20UNtw4SriS1oyASNpHMMDbtorXBG4kuTr4-k_ySirYgAA; cltm=CgAQABoAIgQIDBAF; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 3406
Content-Type: text/css
Expires: Sat, 27 Apr 2024 15:14:22 GMT
ETag: 0A13280A86E7DFA6949BD016EA848912FCAFC05E88CBEDF538AC325B27041205
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:
Date: Thu, 28 Mar 2024 16:14:21 GMT
Connection: close
Set-Cookie: cookiesession1=678A3F0D0EF4939B7A1E04284E6C239F;Expires=Fri, 28 Mar 2025 16:14:22 GMT;Path=/
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Encoding: gzip

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations