| ocsp.entrust.net/ | 184.24.45.171 | | 1.6 kB |
IP184.24.45.171:0
Hashbcf4336b956712976790b04e0564ee73 242179c4eb0809284fc1679965740bcd17ec9dab cf0b887fef9bb912acee9fa4d9cc96741a23cb67433c48dae2ce7d63a12c8a5b
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "CF0B887FEF9BB912ACEE9FA4D9CC96741A23CB67433C48DAE2CE7D63A12C8A5B"
Last-Modified: Tue, 07 May 2024 03:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Tue, 07 May 2024 06:46:52 GMT
Date: Tue, 07 May 2024 05:46:52 GMT
Connection: keep-alive
|
|
| webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2 | 122.56.53.186 | 200 OK | 3.4 kB |
URL User Request GET HTTP/1.1webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2 IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeHTML document, ASCII text, with very long lines (470), with CRLF line terminators Hash3dd228655b9499d1890d6a6de9310072 da327d85ae504187221ef5d99c32f4edebea738b f4d525d2cc50c622c2e152bf1f1a858fc42f3bc547b4493d9cca88e799a2dc2d
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2 HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Type: text/html
Pragma: no-cache
Cache-control: no-cache,max-age=0,must-revalidate
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=logon_style.css | 122.56.53.186 | 200 OK | 1.3 kB |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=logon_style.css IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
Requested byhttps://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeASCII text, with CRLF line terminators Hash522436367f4545f01a036a770ed1ae79 792ac4884c394f6cfc3850666d9dad8a75abd48f 3b2f457ba3f90541c7bfffef2c89d556d30f4c76108426090ffb0585ad3aa1ac
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=logon_style.css HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Type: text/css
Cache-control: max-age=604800
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=owafont.css | 122.56.53.186 | 200 OK | 2.0 kB |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=owafont.css IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
Requested byhttps://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeASCII text, with CRLF line terminators Hash9f2219d5b0220a73402c9f4495990900 49716d120f59965e095545a45eb7b4505b36097a 159f4b224ba13a8c9425965294caa598a874e980582c4c3f3f56a4bf0bea294d
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=owafont.css HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Type: text/css
Cache-control: max-age=604800
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=flogon.js | 122.56.53.186 | 200 OK | 17 kB |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=flogon.js IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
Requested byhttps://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeASCII text, with CRLF line terminators Hashf26366035bb6bcd3d966bc497df05d8c 4536c3e8ffd066f3c7cc57095285dccd9b1785f9 d87ecfce8a144ca47d88ccf59b11da2cc8813e1aaa2e8d3c79150cbfe4dcd053
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=flogon.js HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 17405
Content-Type: application/x-javascript
Cache-control: max-age=604800
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnbotl.gif | 122.56.53.186 | 200 OK | 9.3 kB |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnbotl.gif IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
Requested byhttps://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeGIF image data, version 89a, 456 x 54 Hashe0a2c263c6745f251720fe0876d140c4 51b2196c6b10b8c6443e4f91b4c6281134755f33 0e2cda541bf24815df2facd5729d44b70ef4e4bdd160169295944aefc9e51b0b
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=lgnbotl.gif HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 9311
Content-Type: image/gif
Cache-control: max-age=604800
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgntopr.gif | 122.56.53.186 | 200 OK | 581 B |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgntopr.gif IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
Requested byhttps://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeGIF image data, version 89a, 45 x 115 Hash031bed6f568fbddddf550a97400b273f 69342ba98b1a924ea4f984f5ef6b244ba0177cb3 f27d451896ac6a8b768361e3f07c2adf1ee7ae6bcb92ac6d0bda7fb5cf915301
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=lgntopr.gif HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 581
Content-Type: image/gif
Cache-control: max-age=604800
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgntopl.gif | 122.56.53.186 | 200 OK | 5.9 kB |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgntopl.gif IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
Requested byhttps://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeGIF image data, version 89a, 456 x 115 Hash5fbc803f9c0b41f5993278b602a412dd 3cdc7c8b3524bb4afb5d8526b5ea8b148b2c3a8e 131f36b787379da6468a1ddce90804f55fb00b90851c583a6f4e0fb210f41321
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=lgntopl.gif HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 5938
Content-Type: image/gif
Cache-control: max-age=604800
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnexlogo.gif | 122.56.53.186 | 200 OK | 61 B |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnexlogo.gif IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
Requested byhttps://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeGIF image data, version 89a, 22 x 22 Hash873c522598fb6da9f70d5dde7ccf6213 c09fdcf5e3933b8efdae4505825e786462cdad51 b125c5f621a199d89bc496740d7dac72f1a8462465a1b61e331727f5d369b2f4
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=lgnexlogo.gif HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 61
Content-Type: image/gif
Cache-control: max-age=604800
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnbotr.gif | 122.56.53.186 | 200 OK | 2.4 kB |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnbotr.gif IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
Requested byhttps://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeGIF image data, version 89a, 45 x 54 Hash43b7c46b32691aa778c5e49d139db8f5 e72b87c696eed81b71b853ce245a30377dce205e 97305ffb8ff74176df42bcd213e7cdfd7679630e19911a2db7b399c7960aec3e
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=lgnbotr.gif HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 2392
Content-Type: image/gif
Cache-control: max-age=604800
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnleft.gif | 122.56.53.186 | 200 OK | 290 B |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnleft.gif IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
Requested byhttps://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeGIF image data, version 89a, 15 x 200 Hashbaf34665612f4d59f7cfc06ea82da21d 2c8cf5f76499e66d609ddaac026720ef28078421 96a4b86c4a5ff1f1aa67c52287be64ebd51598d32cbd1249351e462cae549185
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=lgnleft.gif HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=logon_style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 290
Content-Type: image/gif
Cache-control: max-age=604800
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnright.gif | 122.56.53.186 | 200 OK | 306 B |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnright.gif IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
Requested byhttps://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeGIF image data, version 89a, 15 x 200 Hash391603f1faee60db855bd11650dbbf72 9728452459447efcc7c453c2150139839fa174bc a9626d4f60b20f2da50f763f20d891a70625dde0dba68116896026c400b8b775
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=lgnright.gif HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=logon_style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 306
Content-Type: image/gif
Cache-control: max-age=604800
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgntopm.gif | 122.56.53.186 | 200 OK | 58 B |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgntopm.gif IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
Requested byhttps://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeGIF image data, version 89a, 1 x 115 Hash0615717b3645a8573f07347cdb74d69f b707c5a9ede57d3232138ed7ccdb0b4ee9e56043 9d894a6800fd18d20423c66066097b9653be9eb3796f6a0e216dca220c45d6d6
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=lgntopm.gif HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=logon_style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 58
Content-Type: image/gif
Cache-control: max-age=604800
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnbotm.gif | 122.56.53.186 | 200 OK | 276 B |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnbotm.gif IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
Requested byhttps://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeGIF image data, version 89a, 1 x 54 Hash704330b6d293ce2d32780739218696b9 6ebd408ff617f5317595121191a92bd9ba69a01f 6097839fd066f359bbe21fb228714cd33385a6995a060eaa504ee190e3c1178a
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=lgnbotm.gif HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=logon_style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 276
Content-Type: image/gif
Cache-control: max-age=604800
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=favicon.ico | 122.56.53.186 | 200 OK | 1.2 kB |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=favicon.ico IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
Requested byhttps://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash738c26ac73a5817089c30ef2da9a707e 8832d1f0830554f33c62df6f52814410ef950f88 ee6a7f6889908066f36944f85661471d18eb93fa8577e7a719f3ad4b867cf381
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=favicon.ico HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/cookieauth.dll?getlogon?curl=z2f&reason=0&formdir=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 1150
Content-Type: image/x-icon
Cache-control: max-age=604800
|
|