| mkonsusgc.andrewyuscammer.com/bWFyY3VzLmthZWxsZXJAYWZmaWRlYS5jb20= | 69.49.245.172 | | 1.9 kB |
URL: mkonsusgc.andrewyuscammer.com/bWFyY3VzLmthZWxsZXJAYWZmaWRlYS5jb20= IP: 69.49.245.172:0 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
File type: HTML document, ASCII text, with very long lines (1753), with CRLF line terminators
Hash: e8c69dca0a6068b538697ccb2c837221 5ffc9119704141f21d725c3f4966718ea1aac94a 1718812114ec5b532e8a819ace1bd5a2da6ab4e57bf8819bffc4216fe52cc1df
GET /bWFyY3VzLmthZWxsZXJAYWZmaWRlYS5jb20= HTTP/1.1
Host: mkonsusgc.andrewyuscammer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:14:12 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback | 104.17.2.184 | | 0 B |
URL: challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback IP: 104.17.2.184:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 28 Mar 2024 16:14:14 GMT
content-length: 0
cache-control: max-age=300, public
access-control-allow-origin: *
location: /turnstile/v0/g/dc6b543c1346/api.js?onload=onloadTurnstileCallback
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b8e979dc140b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/86b8e97a8abeb515/1711642454472/sRxdBKQ7D2-lcEP | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/86b8e97a8abeb515/1711642454472/sRxdBKQ7D2-lcEP IP: 104.17.2.184:0
File type: PNG image data, 96 x 19, 8-bit/color RGB, non-interlaced
Hash: 732da570735e5b5282d7febb8a416e33 69c80847252717756b0e3379a8f78bee52a19469 35b53820b238543e230200b4571f14c770a41caddb7f3ea9778030cf989652fe
GET /cdn-cgi/challenge-platform/h/g/i/86b8e97a8abeb515/1711642454472/sRxdBKQ7D2-lcEP HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yeegj/0x4AAAAAAAVwNp71xtt5bDOJ/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 16:14:14 GMT
content-type: image/png
server: cloudflare
cf-ray: 86b8e97f6f62b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| team-telstra.co/?qrc=marcus.kaeller%40affidea.com | 5.230.44.183 | 302 Moved Temporarily | 0 B |
URL: GET HTTP/1.1 team-telstra.co/?qrc=marcus.kaeller%40affidea.com IP: 5.230.44.183:443
Requested by: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com
Certificate: Issuer: Let's Encrypt; Subject: team-telstra.co; Fingerprint: 21:C5:E7:71:3E:A7:ED:21:00:49:3B:9D:4F:49:33:26:C6:52:C0:7B; Validity: Wed, 27 Mar 2024 13:17:29 GMT - Tue, 25 Jun 2024 13:17:28 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft Outlook |
GET /?qrc=marcus.kaeller%40affidea.com HTTP/1.1
Host: team-telstra.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/
DNT: 1
Connection: keep-alive
Cookie: qPdM=XVJKhoQqZV5e; qPdM.sig=w8tX0u5qeQGX3ASAQAq2DDbmZtM
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache
Pragma: no-cache
Location: https://team-telstra.co/owa/?login_hint=marcus.kaeller%40affidea.com
Server: Microsoft-IIS/10.0
request-id: 409abbc2-7376-1d75-1ded-4687e9149517
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-FEServer: FR4P281CA0415, FR4P281CA0415
X-RequestId: 3c8ee817-5470-45dc-aa89-850f6a23d41c
X-FEProxyInfo: FR4P281CA0415.DEUP281.PROD.OUTLOOK.COM
X-FEEFZInfo: FRA
MS-CV: wruaQHZzdR0d7UaH6RSVFw.0
X-Powered-By: ASP.NET
Date: Thu, 28 Mar 2024 16:14:20 GMT
Connection: close
Content-Length: 0
Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
|
|
| team-telstra.co/owa/?login_hint=marcus.kaeller%40affidea.com | 5.230.44.183 | 302 Found | 1.4 kB |
URL: GET HTTP/1.1 team-telstra.co/owa/?login_hint=marcus.kaeller%40affidea.com IP: 5.230.44.183:443
Requested by: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com
Certificate: Issuer: Let's Encrypt; Subject: team-telstra.co; Fingerprint: 21:C5:E7:71:3E:A7:ED:21:00:49:3B:9D:4F:49:33:26:C6:52:C0:7B; Validity: Wed, 27 Mar 2024 13:17:29 GMT - Tue, 25 Jun 2024 13:17:28 GMT
File type: HTML document, ASCII text, with very long lines (794), with CRLF, LF line terminators
Hash: 757c35f998ce50b6ad9d52b788ca37e5 1dc1961b88eae797fc195d9e9aea27464daa16fb 89d91f3f978eb35cbba7d1d4f0496f16556ada1f982452770819daea2393bcd4
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft Outlook |
GET /owa/?login_hint=marcus.kaeller%40affidea.com HTTP/1.1
Host: team-telstra.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/
DNT: 1
Connection: keep-alive
Cookie: qPdM=XVJKhoQqZV5e; qPdM.sig=w8tX0u5qeQGX3ASAQAq2DDbmZtM
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
content-length: 1374
Content-Type: text/html; charset=utf-8
Location: https://team-telstra.co/captcha.rdr?ref=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
Server: Microsoft-IIS/10.0
request-id: a9b1e6bc-6a32-ce3b-1a2e-f99f15e70107
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Alt-Svc: h3=":443",h3-29=":443"
X-CalculatedFETarget: FR3P281CU011.internal.outlook.com
X-BackEndHttpStatus: 302, 302
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: ClientId=D5613D4490B342F196FF111F449DCDC8; expires=Fri, 28-Mar-2025 16:14:20 GMT; path=/;SameSite=None; secure
ClientId=D5613D4490B342F196FF111F449DCDC8; expires=Fri, 28-Mar-2025 16:14:20 GMT; path=/;SameSite=None; secure
OIDC=1; expires=Sat, 28-Sep-2024 16:14:20 GMT; path=/;SameSite=None; secure; HttpOnly
RoutingKeyCookie=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.token.v1=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.token.v1=; domain=team-telstra.co; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.id_token.v1=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.code.v1=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.idp_nonce.v1=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.idp_correlation_id=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.tokenPostPath=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.id_token.v1=; domain=team-telstra.co; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.code.v1=; domain=team-telstra.co; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.idp_nonce.v1=; domain=team-telstra.co; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.idp_correlation_id=; domain=team-telstra.co; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.tokenPostPath=; domain=team-telstra.co; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OpenIdConnect.nonce.v3.g8kQB4PdEKLOim_Et32TvjydfxoAz5hnkMCLARR8zC8=638472392609576386.31724fad-549a-4a94-ae06-d34b8edbdd74; expires=Thu, 28-Mar-2024 17:14:20 GMT; path=/;SameSite=None; secure; HttpOnly
HostSwitchPrg=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
OptInPrg=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
SuiteServiceProxyKey=; expires=Mon, 28-Mar-1994 16:14:20 GMT; path=/; secure
X-OWA-RedirectHistory=ArLym14BwjVjIEJP3Ag; expires=Thu, 28-Mar-2024 22:16:20 GMT; path=/;SameSite=None; secure; HttpOnly
X-CalculatedBETarget: FR3P281MB3216.DEUP281.PROD.OUTLOOK.COM
X-RUM-Validated: 1
X-RUM-NotUpdateQueriedPath: 1
X-RUM-NotUpdateQueriedDbCopy: 1
X-BeSku: WCS7
X-OWA-DiagnosticsInfo: 3;0;0
X-IIDs: 0
X-BackEnd-Begin: 2024-03-28T16:14:20.957
X-BackEnd-End: 2024-03-28T16:14:20.957
X-DiagInfo: FR3P281MB3216
X-BEServer: FR3P281MB3216
X-UA-Compatible: IE=EmulateIE7
X-Proxy-RoutingCorrectness: 1
X-Proxy-BackendServerStatus: 302
X-FEProxyInfo: FR4P281CA0418.DEUP281.PROD.OUTLOOK.COM
X-FEEFZInfo: FRA
X-FEServer: FR3P281CA0170, FR4P281CA0418
NEL: {"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
X-FirstHopCafeEFZ: FRA
Date: Thu, 28 Mar 2024 16:14:20 GMT
Connection: close
Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1661522383:1711638789:lyOHdHKpQci6GcCLfQU-JnwL2_OGJdkyp1wEHLc6zSA/86b8e97a8abeb515/a39210922ca818c | 104.17.2.184 | | 12 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1661522383:1711638789:lyOHdHKpQci6GcCLfQU-JnwL2_OGJdkyp1wEHLc6zSA/86b8e97a8abeb515/a39210922ca818c IP: 104.17.2.184:0
File type: ASCII text, with very long lines (3496), with no line terminators
Hash: a2ea5714be54269adcb005c2e022d5d0 bb5c5baa500993f4b130b78492034a6fc959bce9 60118b657046e114c904c78f5db5ffe72f7427b30e1ff86deb5f209bacb400e6
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1661522383:1711638789:lyOHdHKpQci6GcCLfQU-JnwL2_OGJdkyp1wEHLc6zSA/86b8e97a8abeb515/a39210922ca818c HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yeegj/0x4AAAAAAAVwNp71xtt5bDOJ/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: a39210922ca818c
Content-Length: 35442
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 16:14:19 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: NZYGGF/yIh8ST+bz4lanKbcD05bijcp6j4aSDJYoRnjWnZSORgAFIXH87qYS6hGAprKfwKJ+zupp+y0pCcSblL2G+6/fnpzV4AffZQhh0psNO8vNIhyWDD99HkW/DUMy$KB2HcKMvgktr69ulLCkWeg==
cf-chl-out-s: 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$yiXbLkYX6tDoKpQ3qAT5nQ==
server: cloudflare
cf-ray: 86b8e99e5b26b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| team-telstra.co/captcha.rdr?ref=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 | 5.230.44.183 | 302 Found | 7.5 kB |
URL: GET HTTP/1.1 team-telstra.co/captcha.rdr?ref=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 IP: 5.230.44.183:443
Requested by: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com
Certificate: Issuer: Let's Encrypt; Subject: team-telstra.co; Fingerprint: 21:C5:E7:71:3E:A7:ED:21:00:49:3B:9D:4F:49:33:26:C6:52:C0:7B; Validity: Wed, 27 Mar 2024 13:17:29 GMT - Tue, 25 Jun 2024 13:17:28 GMT
File type: HTML document, ASCII text, with very long lines (1166), with CRLF, LF line terminators
Hash: 80bd9a693956301f83c170c7f22746ed 443b45699171546f9ed0bc7496def85ab527d640 074c6843ea81e0dd8f4216f3e327dd08ef12b1c5294b5cbef489c580f0aaa939
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft Outlook |
GET /captcha.rdr?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZwcm90ZWN0ZWR0b2tlbj10cnVlJmNsYWltcz0lN2IlMjJpZF90b2tlbiUyMiUzYSU3YiUyMnhtc19jYyUyMiUzYSU3YiUyMnZhbHVlcyUyMiUzYSU1YiUyMkNQMSUyMiU1ZCU3ZCU3ZCU3ZCZub25jZT02Mzg0NzIzOTI2MDk1NzYzODYuMzE3MjRmYWQtNTQ5YS00YTk0LWFlMDYtZDM0YjhlZGJkZDc0JnN0YXRlPUZZdEJEc0lnRUFCQjMtSnhLY0lXeXNINEZMUHRMa3FrSmFrYXZ5OGVacEk1akZaS0hUdUhqclpkS2dZX1lYUS11V0RULUs5Z19EazZ6TVF3WWlKQVNnZ2tOZ0I3bkNmaG1UbWk3aThNN1V2RHRiWjcyVzZQc3IwdkstM0w1MldlSkxYS2ZrSkxPUmNXTWt0YmZ3 HTTP/1.1
Host: team-telstra.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/
DNT: 1
Connection: keep-alive
Cookie: qPdM=XVJKhoQqZV5e; qPdM.sig=w8tX0u5qeQGX3ASAQAq2DDbmZtM; ClientId=D5613D4490B342F196FF111F449DCDC8; OIDC=1; OpenIdConnect.nonce.v3.g8kQB4PdEKLOim_Et32TvjydfxoAz5hnkMCLARR8zC8=638472392609576386.31724fad-549a-4a94-ae06-d34b8edbdd74; X-OWA-RedirectHistory=ArLym14BwjVjIEJP3Ag
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Location: https://team-telstra.co/captcha.rdr?ref=aHR0cHM6Ly9zdHMuYWZmaWRlYS5jb20vYWRmcy9scy8/bG9naW5faGludD1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWE5YjFlNmJjLTZhMzItY2UzYi0xYTJlLWY5OWYxNWU3MDEwNyZ1c2VybmFtZT1tYXJjdXMua2FlbGxlciU0MGFmZmlkZWEuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkZOYk5KZ0FPV2pyQnZNbjduRXl5NG1qVjZXRkVwYldzQ1FDTU1OV2hpYm9neU1JVl9icjZXVThtRmIyTml5a3laNlhPYk5pd2szdWZoeldoWVBubmN3ODdxVEI2UEV4Sjk0Y2Q2RWVQR203X0R5WHZMeUR1OHRFdEZ3TkhtWi1RT1duakRONkhxVVZ0RkVfUVZuUGpUMy11UExaMnp6NnR1RjhLLW5Gei1CNlNHNDFQQzhqcHVNUkhEWGEyRnNoYkd1bXlvS3E5aU80RTBZT1FEZ0dJQVJBUHYtQlJzNmF0Y05XeEMxV3NpNUJzZEpEY0ZKZE9nWEJTN09peXlYWUFVbUVaczRJY3hGUlpiWG9VYkgtQVNrZVpqZ2FZZ1lnZFk0WG9ralRkRTBrVF94bnktbHUxNkRuUkIyekczMHd4X1VzV1BYTzlqMW5oRDdZTG5xWmJKdTNyaWV6bVE0V3RxUzFYeWw3LWI0NWNLYVY3RHVXUkswWUs4ZlI3Vk9QdFpjcnNtNWNqZlhkR3FhYkZUcjFZMTF1bHZKbG1rNVlkU3psckJkWE4tc21sTDZwbUZZcTBaR2JDX3BEYnRzbTZJWkw0cTNlbGxQcVlsc1JWaHpIYVluMDF3aHhsYVFWTmlRZFVzcWxHNm9sYUxsS2ZybWtQaXZ3VjhSNUhnYUc3ZVBDQkozVU52VWpnUGdmUUI4RHZpWm1kTUFHRXlOSDFFT0hyNzdkbUZXZnZEaGVlaEtLdVU3bW9wa0t3cmJYRkU1cHRSMzdhb2s0UlZGWHMwSnJObm5yRWJEaVhVMmVNT3lwVmo1dHB1S0o2TjdKTmdqeVVNeU9FUE0tU2hpYVMwNklzRjNFanlhOWgwR18zWHY4U3c0T2NPSFNMVUZUZHVkWDl5aFRLM3VZUXUxcWVRT3RXVzdkVldkcUI1c2RaRkxKZTlRNDM3cTd1N3U3cHV6dnROemd5OF83dzlHajdfbVhzejVmZ00xIw==
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: d187b862-11ef-4b0b-84e4-af0a253d3d00
x-ms-ests-server: 2.1.17615.11 - NEULR1 ProdSlices
x-ms-srs: 1.P
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: buid=0.AS8AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8qlF1iMQrUv3_4PCdmVGOqbekAoscMO8J_w_EGZXhNlEhZg5OjcYKyeD3TJd2JRZrp-mh9ocD1EuY2OnflP5XLKVM0aT0CrTlt4r-xPk2AVggAA; expires=Sat, 27-Apr-2024 16:14:21 GMT; path=/; secure; HttpOnly; SameSite=None
fpc=Ajvwg_cJlcZJp7EGOoTtMYGerOTJAQAAAFyOl90OAAAA; expires=Sat, 27-Apr-2024 16:14:21 GMT; path=/; secure; HttpOnly; SameSite=None
esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8q7c7AapBB1VBo6zreGKrjveBn70-giNKJPXOb4Eh6uMSakjOeXbzr_TX3Xy2LHtQ_9lEERcVVCzFlc0V8RD9iH-yPm6GfLaFIaJAECGk3WY65TDLmFJ4-qN05Oqu1Zto20UNtw4SriS1oyASNpHMMDbtorXBG4kuTr4-k_ySirYgAA; domain=team-telstra.co; path=/; secure; HttpOnly; SameSite=None
cltm=CgAQABoAIgQIDBAF; domain=team-telstra.co; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Date: Thu, 28 Mar 2024 16:14:21 GMT
Connection: close
content-length: 1667
Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=86b8e97a8abeb515 | 104.17.2.184 | | 152 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=86b8e97a8abeb515 IP: 104.17.2.184:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 152 kB (152372 bytes)
Hash: 6e28e1a30624975c07fe0a0b90dd0882 5f9616adc5fbeb3e242a96ab8f7eae8214bf1c5b 16f0ed4c489ccb96d7c1b6464b2804a927f447fbaa41b25e6906b72220b7faf1
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=86b8e97a8abeb515 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yeegj/0x4AAAAAAAVwNp71xtt5bDOJ/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 16:14:14 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 86b8e97afb1fb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| team-telstra.co/adfs/portal/logo/logo.png?id=525B366874D245C08465CB69C72EC1DEAD3284B4E9ED3F1322B9DB84256EE934 | 5.230.44.183 | 503 Service Unavailable | 24 kB |
URL: GET HTTP/1.1 team-telstra.co/adfs/portal/logo/logo.png?id=525B366874D245C08465CB69C72EC1DEAD3284B4E9ED3F1322B9DB84256EE934 IP: 5.230.44.183:443
Requested by: https://team-telstra.co/captcha.rdr?ref=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
Certificate: Issuer: Let's Encrypt; Subject: team-telstra.co; Fingerprint: 21:C5:E7:71:3E:A7:ED:21:00:49:3B:9D:4F:49:33:26:C6:52:C0:7B; Validity: Wed, 27 Mar 2024 13:17:29 GMT - Tue, 25 Jun 2024 13:17:28 GMT
File type: HTML document, ASCII text, with very long lines (23894)
Hash: ef46954299f604ac524a35bbd589cf09 f70f46d4d3d2c598310d9d64a48a39447131f9d7 d91932e6097db6965cf6842683198291866d8f7b4ac8d5aaee8e137cdb09cfb7
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft Outlook |
GET /adfs/portal/logo/logo.png?id=525B366874D245C08465CB69C72EC1DEAD3284B4E9ED3F1322B9DB84256EE934 HTTP/1.1
Host: team-telstra.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://team-telstra.co/captcha.rdr?ref=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
Cookie: qPdM=XVJKhoQqZV5e; qPdM.sig=w8tX0u5qeQGX3ASAQAq2DDbmZtM; ClientId=D5613D4490B342F196FF111F449DCDC8; OIDC=1; OpenIdConnect.nonce.v3.g8kQB4PdEKLOim_Et32TvjydfxoAz5hnkMCLARR8zC8=638472392609576386.31724fad-549a-4a94-ae06-d34b8edbdd74; X-OWA-RedirectHistory=ArLym14BwjVjIEJP3Ag; buid=0.AS8AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8qlF1iMQrUv3_4PCdmVGOqbekAoscMO8J_w_EGZXhNlEhZg5OjcYKyeD3TJd2JRZrp-mh9ocD1EuY2OnflP5XLKVM0aT0CrTlt4r-xPk2AVggAA; fpc=Ajvwg_cJlcZJp7EGOoTtMYGerOTJAQAAAFyOl90OAAAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8q7c7AapBB1VBo6zreGKrjveBn70-giNKJPXOb4Eh6uMSakjOeXbzr_TX3Xy2LHtQ_9lEERcVVCzFlc0V8RD9iH-yPm6GfLaFIaJAECGk3WY65TDLmFJ4-qN05Oqu1Zto20UNtw4SriS1oyASNpHMMDbtorXBG4kuTr4-k_ySirYgAA; cltm=CgAQABoAIgQIDBAF; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 503 Service Unavailable
Date: Thu Mar 28 16:14:32 2024 GMT
content-length: 24541
Connection: close
Content-Type: text/html
Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
|
|
| team-telstra.co/adfs/portal/illustration/illustration.png?id=E19950A6AEE57AB072D7EBCE0BA063EDC728FCA5949F23EE34C72913B126A68D | 5.230.44.183 | 200 OK | 579 kB |
URL: GET HTTP/1.1 team-telstra.co/adfs/portal/illustration/illustration.png?id=E19950A6AEE57AB072D7EBCE0BA063EDC728FCA5949F23EE34C72913B126A68D IP: 5.230.44.183:443
Requested by: https://team-telstra.co/captcha.rdr?ref=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
Certificate: Issuer: Let's Encrypt; Subject: team-telstra.co; Fingerprint: 21:C5:E7:71:3E:A7:ED:21:00:49:3B:9D:4F:49:33:26:C6:52:C0:7B; Validity: Wed, 27 Mar 2024 13:17:29 GMT - Tue, 25 Jun 2024 13:17:28 GMT
File type: PNG image data, 1420 x 1080, 8-bit colormap, non-interlaced
Size: 579 kB (578892 bytes)
Hash: 8a0b283f38d25a4b5740ce2e56cac392 9535d332f2b10accc91075d2d5f6096a80f14198 e19950a6aee57ab072d7ebce0ba063edc728fca5949f23ee34c72913b126a68d
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft Outlook |
GET /adfs/portal/illustration/illustration.png?id=E19950A6AEE57AB072D7EBCE0BA063EDC728FCA5949F23EE34C72913B126A68D HTTP/1.1
Host: team-telstra.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://team-telstra.co/captcha.rdr?ref=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
Cookie: qPdM=XVJKhoQqZV5e; qPdM.sig=w8tX0u5qeQGX3ASAQAq2DDbmZtM; ClientId=D5613D4490B342F196FF111F449DCDC8; OIDC=1; OpenIdConnect.nonce.v3.g8kQB4PdEKLOim_Et32TvjydfxoAz5hnkMCLARR8zC8=638472392609576386.31724fad-549a-4a94-ae06-d34b8edbdd74; X-OWA-RedirectHistory=ArLym14BwjVjIEJP3Ag; buid=0.AS8AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8qlF1iMQrUv3_4PCdmVGOqbekAoscMO8J_w_EGZXhNlEhZg5OjcYKyeD3TJd2JRZrp-mh9ocD1EuY2OnflP5XLKVM0aT0CrTlt4r-xPk2AVggAA; fpc=Ajvwg_cJlcZJp7EGOoTtMYGerOTJAQAAAFyOl90OAAAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8q7c7AapBB1VBo6zreGKrjveBn70-giNKJPXOb4Eh6uMSakjOeXbzr_TX3Xy2LHtQ_9lEERcVVCzFlc0V8RD9iH-yPm6GfLaFIaJAECGk3WY65TDLmFJ4-qN05Oqu1Zto20UNtw4SriS1oyASNpHMMDbtorXBG4kuTr4-k_ySirYgAA; cltm=CgAQABoAIgQIDBAF; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 578892
Content-Type: image/png
Expires: Sat, 27 Apr 2024 15:14:32 GMT
ETag: E19950A6AEE57AB072D7EBCE0BA063EDC728FCA5949F23EE34C72913B126A68D
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:
Date: Thu, 28 Mar 2024 16:14:32 GMT
Connection: close
Set-Cookie: cookiesession1=678A3F0DC5B282EC9A097DEB64CF51CB;Expires=Fri, 28 Mar 2025 16:14:32 GMT;Path=/
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
|
|
| df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com | 172.67.157.35 | 200 OK | 1.2 kB |
URL: User Request POST HTTP/3 df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com IP: 172.67.157.35:443
Certificate: Issuer: Google Trust Services LLC; Subject: 495f115f35e2dc7a881a80b8.workers.dev; Fingerprint: 1E:2A:8A:18:DD:E8:CE:FD:78:49:48:79:71:CD:9F:61:21:F5:E0:F9; Validity: Thu, 14 Mar 2024 18:23:37 GMT - Wed, 12 Jun 2024 18:23:36 GMT
File type: HTML document, ASCII text, with very long lines (1186), with no line terminators
Hash: 549ca0d048dd36074f4b64cdbc3ae2b5 803e67dab4e6a9b251bf3a7c74b3f73ae3d1004e a2d29e9d76cc08ab7da03ad56625365d4a79a3ac11ae389b34bb5eb0bf0de873
POST /?qrc=marcus.kaeller@affidea.com HTTP/1.1
Host: df34d9fc.495f115f35e2dc7a881a80b8.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 582
Origin: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 28 Mar 2024 16:14:20 GMT
content-type: text/html;
status: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l1UVXpwaL0B3BL%2Fqr2YpnkTVc3g%2BgLHvb0%2FYw63pLW%2FcpXkzr6EHH44riBKUDcMjlbDd6DckJqUpm8wwm9d5HEtADhcfbKl%2BB0zpvB1ASiHWkbCo4vnc%2F2QE9raM%2BBUSZSmKtkjcB8r%2FiRf3X%2Fzg1khxCuUdwYnF03H4mLmZXh4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b8e99eea0b5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| team-telstra.co/?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3RlYW0tdGVsc3RyYS5jbyIsImRvbWFpbiI6InRlYW0tdGVsc3RyYS5jbyIsImtleSI6IlhWSktob1FxWlY1ZSIsInFyYyI6Im1hcmN1cy5rYWVsbGVyQGFmZmlkZWEuY29tIiwiaWF0IjoxNzExNjQyNDYwLCJleHAiOjE3MTE2NDI1ODB9.fnCAnzXzvaFKAGh-5y7STPrPJ4RKw08Sfb437M257m8 | 5.230.44.183 | 302 Found | 21 kB |
URL: GET HTTP/1.1 team-telstra.co/?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3RlYW0tdGVsc3RyYS5jbyIsImRvbWFpbiI6InRlYW0tdGVsc3RyYS5jbyIsImtleSI6IlhWSktob1FxWlY1ZSIsInFyYyI6Im1hcmN1cy5rYWVsbGVyQGFmZmlkZWEuY29tIiwiaWF0IjoxNzExNjQyNDYwLCJleHAiOjE3MTE2NDI1ODB9.fnCAnzXzvaFKAGh-5y7STPrPJ4RKw08Sfb437M257m8 IP: 5.230.44.183:443
Requested by: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com
Certificate: Issuer: Let's Encrypt; Subject: team-telstra.co; Fingerprint: 21:C5:E7:71:3E:A7:ED:21:00:49:3B:9D:4F:49:33:26:C6:52:C0:7B; Validity: Wed, 27 Mar 2024 13:17:29 GMT - Tue, 25 Jun 2024 13:17:28 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft Outlook |
GET /?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3RlYW0tdGVsc3RyYS5jbyIsImRvbWFpbiI6InRlYW0tdGVsc3RyYS5jbyIsImtleSI6IlhWSktob1FxWlY1ZSIsInFyYyI6Im1hcmN1cy5rYWVsbGVyQGFmZmlkZWEuY29tIiwiaWF0IjoxNzExNjQyNDYwLCJleHAiOjE3MTE2NDI1ODB9.fnCAnzXzvaFKAGh-5y7STPrPJ4RKw08Sfb437M257m8 HTTP/1.1
Host: team-telstra.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Set-Cookie: qPdM=XVJKhoQqZV5e; path=/; samesite=none; secure; httponly
qPdM.sig=w8tX0u5qeQGX3ASAQAq2DDbmZtM; path=/; samesite=none; secure; httponly
location: /?qrc=marcus.kaeller%40affidea.com
Date: Thu, 28 Mar 2024 16:14:20 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
|
|
| df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/favicon.ico | 172.67.157.35 | 200 OK | 3.3 kB |
URL GET HTTP/3 df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/favicon.ico IP 172.67.157.35:443
Requested by https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com Certificate Issuer Google Trust Services LLC Subject 495f115f35e2dc7a881a80b8.workers.dev Fingerprint 1E:2A:8A:18:DD:E8:CE:FD:78:49:48:79:71:CD:9F:61:21:F5:E0:F9 Validity Thu, 14 Mar 2024 18:23:37 GMT - Wed, 12 Jun 2024 18:23:36 GMT
File type HTML document, ASCII text, with very long lines (3271), with no line terminators Hash d2fb2b25bcfe15104dea88e56cb414c3 eb08d90afb2405328059400dbe3f0a7f47531a40 d8f30fb56272a60722051bca5135e030e0a9f8eb0f8a6d68dc080663e866debd
GET /favicon.ico HTTP/1.1
Host: df34d9fc.495f115f35e2dc7a881a80b8.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 28 Mar 2024 16:14:20 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jgolEvvpRD8yVjG8ml8bm85suDwKUwi8r8ud8zjcELO%2B81M4%2FYJMrjKJYPaGUFdlUR%2B5zNf%2BRvyHCJUlMgX5J9AT0xtUUzecadUtWGfgesx3nDOg1pJ5dsN4L8fZnCulJJ6s2ZVCz2zXmBwiGLabJmDGWpI%2BytNJK0E8NGw1BIc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b8e9a25e225687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| team-telstra.co/captcha.rdr?ref=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 | 5.230.44.183 | 200 OK | 21 kB |
URL GET HTTP/1.1 team-telstra.co/captcha.rdr?ref=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 IP 5.230.44.183:443
Requested by https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/?qrc=marcus.kaeller@affidea.com Certificate Issuer Let's Encrypt Subject team-telstra.co Fingerprint 21:C5:E7:71:3E:A7:ED:21:00:49:3B:9D:4F:49:33:26:C6:52:C0:7B Validity Wed, 27 Mar 2024 13:17:29 GMT - Tue, 25 Jun 2024 13:17:28 GMT
File type JavaScript source, ASCII text, with very long lines (1166), with CRLF, LF line terminators Hash 9530f5011ba7687a0e62caa54916b1bb 71765b318db4d464a6b1eaca40372831d54a9a43 d2422c2d4af7bf0b8020f99675815f0fc35a54228dd4d9874ac20382bb94f5ae
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook |
GET /captcha.rdr?ref=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 HTTP/1.1
Host: team-telstra.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://df34d9fc.495f115f35e2dc7a881a80b8.workers.dev/
DNT: 1
Connection: keep-alive
Cookie: qPdM=XVJKhoQqZV5e; qPdM.sig=w8tX0u5qeQGX3ASAQAq2DDbmZtM; ClientId=D5613D4490B342F196FF111F449DCDC8; OIDC=1; OpenIdConnect.nonce.v3.g8kQB4PdEKLOim_Et32TvjydfxoAz5hnkMCLARR8zC8=638472392609576386.31724fad-549a-4a94-ae06-d34b8edbdd74; X-OWA-RedirectHistory=ArLym14BwjVjIEJP3Ag; buid=0.AS8AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8qlF1iMQrUv3_4PCdmVGOqbekAoscMO8J_w_EGZXhNlEhZg5OjcYKyeD3TJd2JRZrp-mh9ocD1EuY2OnflP5XLKVM0aT0CrTlt4r-xPk2AVggAA; fpc=Ajvwg_cJlcZJp7EGOoTtMYGerOTJAQAAAFyOl90OAAAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8q7c7AapBB1VBo6zreGKrjveBn70-giNKJPXOb4Eh6uMSakjOeXbzr_TX3Xy2LHtQ_9lEERcVVCzFlc0V8RD9iH-yPm6GfLaFIaJAECGk3WY65TDLmFJ4-qN05Oqu1Zto20UNtw4SriS1oyASNpHMMDbtorXBG4kuTr4-k_ySirYgAA; cltm=CgAQABoAIgQIDBAF; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Date: Thu, 28 Mar 2024 16:14:21 GMT
Connection: close
Set-Cookie: cookiesession1=678A3F0DDEDD84110AB8BE1B36F561C4;Expires=Fri, 28 Mar 2025 16:14:21 GMT;Path=/
Transfer-Encoding: chunked
Content-Encoding: gzip
|
|
| team-telstra.co/adfs/portal/css/style.css?id=0A13280A86E7DFA6949BD016EA848912FCAFC05E88CBEDF538AC325B27041205 | 5.230.44.183 | 200 OK | 8.1 kB |
URL GET HTTP/1.1 team-telstra.co/adfs/portal/css/style.css?id=0A13280A86E7DFA6949BD016EA848912FCAFC05E88CBEDF538AC325B27041205 IP 5.230.44.183:443
Requested by https://team-telstra.co/captcha.rdr?ref=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 Certificate Issuer Let's Encrypt Subject team-telstra.co Fingerprint 21:C5:E7:71:3E:A7:ED:21:00:49:3B:9D:4F:49:33:26:C6:52:C0:7B Validity Wed, 27 Mar 2024 13:17:29 GMT - Tue, 25 Jun 2024 13:17:28 GMT
File type Unicode text, UTF-8 text, with very long lines (8958), with no line terminators Hash 2de6fa5a4634c32cfe968a8891d9938a 2bd44a14321b0564a5e25ce5bcf26760aa68064c 8ff196cddc35bf6a497cca4d741d7c9bc351ebcc4da7da13b0b242186a8b52ef
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook |
GET /adfs/portal/css/style.css?id=0A13280A86E7DFA6949BD016EA848912FCAFC05E88CBEDF538AC325B27041205 HTTP/1.1
Host: team-telstra.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://team-telstra.co/captcha.rdr?ref=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
Cookie: qPdM=XVJKhoQqZV5e; qPdM.sig=w8tX0u5qeQGX3ASAQAq2DDbmZtM; ClientId=D5613D4490B342F196FF111F449DCDC8; OIDC=1; OpenIdConnect.nonce.v3.g8kQB4PdEKLOim_Et32TvjydfxoAz5hnkMCLARR8zC8=638472392609576386.31724fad-549a-4a94-ae06-d34b8edbdd74; X-OWA-RedirectHistory=ArLym14BwjVjIEJP3Ag; buid=0.AS8AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8qlF1iMQrUv3_4PCdmVGOqbekAoscMO8J_w_EGZXhNlEhZg5OjcYKyeD3TJd2JRZrp-mh9ocD1EuY2OnflP5XLKVM0aT0CrTlt4r-xPk2AVggAA; fpc=Ajvwg_cJlcZJp7EGOoTtMYGerOTJAQAAAFyOl90OAAAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8q7c7AapBB1VBo6zreGKrjveBn70-giNKJPXOb4Eh6uMSakjOeXbzr_TX3Xy2LHtQ_9lEERcVVCzFlc0V8RD9iH-yPm6GfLaFIaJAECGk3WY65TDLmFJ4-qN05Oqu1Zto20UNtw4SriS1oyASNpHMMDbtorXBG4kuTr4-k_ySirYgAA; cltm=CgAQABoAIgQIDBAF; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 3406
Content-Type: text/css
Expires: Sat, 27 Apr 2024 15:14:22 GMT
ETag: 0A13280A86E7DFA6949BD016EA848912FCAFC05E88CBEDF538AC325B27041205
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:
Date: Thu, 28 Mar 2024 16:14:21 GMT
Connection: close
Set-Cookie: cookiesession1=678A3F0D0EF4939B7A1E04284E6C239F;Expires=Fri, 28 Mar 2025 16:14:22 GMT;Path=/
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Encoding: gzip
|
|