| webmail.hanz.health.nz/ag.exe | 122.56.53.186 | 302 Moved Temporarily | 0 B |
URL User Request GET HTTP/1.1webmail.hanz.health.nz/ag.exe IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /ag.exe HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Location: https://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2
Set-Cookie: cadata6BE4FFF8B69B49C980EE0306F5A8C89D=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Connection: close
Content-Length: 0
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2 | 122.56.53.186 | 200 OK | 3.4 kB |
URL User Request GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2 IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeHTML document, ASCII text, with very long lines (470), with CRLF line terminators Hash68c035b449193a1ffdde3af57c8813d3 752351d1ec584e47eb54828534eed92265c410b2 28aa5a19a3874378847c430de8b1acebb444845c6cdb47c9312a6eedb1f8dee7
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2 HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Type: text/html
Pragma: no-cache
Cache-control: no-cache,max-age=0,must-revalidate
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=logon_style.css | 122.56.53.186 | 200 OK | 1.3 kB |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=logon_style.css IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
Requested byhttps://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeASCII text, with CRLF line terminators Hash522436367f4545f01a036a770ed1ae79 792ac4884c394f6cfc3850666d9dad8a75abd48f 3b2f457ba3f90541c7bfffef2c89d556d30f4c76108426090ffb0585ad3aa1ac
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=logon_style.css HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Type: text/css
Cache-control: max-age=604800
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=owafont.css | 122.56.53.186 | 200 OK | 2.0 kB |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=owafont.css IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
Requested byhttps://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeASCII text, with CRLF line terminators Hash9f2219d5b0220a73402c9f4495990900 49716d120f59965e095545a45eb7b4505b36097a 159f4b224ba13a8c9425965294caa598a874e980582c4c3f3f56a4bf0bea294d
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=owafont.css HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Type: text/css
Cache-control: max-age=604800
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
|
|
| webmail.hanz.health.nz/ | 122.56.53.186 | | 0 B |
IP122.56.53.186:0 ASN#4648 Global-Gateway Internet
CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET / HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Location: https://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2F&reason=0&formdir=2
Set-Cookie: cadata6BE4FFF8B69B49C980EE0306F5A8C89D=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Connection: close
Content-Length: 0
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=flogon.js | 122.56.53.186 | 200 OK | 17 kB |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=flogon.js IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
Requested byhttps://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeASCII text, with CRLF line terminators Hashf26366035bb6bcd3d966bc497df05d8c 4536c3e8ffd066f3c7cc57095285dccd9b1785f9 d87ecfce8a144ca47d88ccf59b11da2cc8813e1aaa2e8d3c79150cbfe4dcd053
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=flogon.js HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 17405
Content-Type: application/x-javascript
Cache-control: max-age=604800
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2F&reason=0&formdir=2 | 122.56.53.186 | | 3.4 kB |
URL webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2F&reason=0&formdir=2 IP122.56.53.186:0 ASN#4648 Global-Gateway Internet
CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeHTML document, ASCII text, with very long lines (470), with CRLF line terminators Hash8b47a555b9e50ab11eaaae8bbab43e4d a479b93fdaab1418fcb3fedc0393bc60f2526a67 46bfa27f7591947f038457fddd3f88a326e693c3e9aa282bdf3524ba94163470
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetLogon?curl=Z2F&reason=0&formdir=2 HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Type: text/html
Pragma: no-cache
Cache-control: no-cache,max-age=0,must-revalidate
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgntopr.gif | 122.56.53.186 | 200 OK | 581 B |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgntopr.gif IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
Requested byhttps://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeGIF image data, version 89a, 45 x 115 Hash031bed6f568fbddddf550a97400b273f 69342ba98b1a924ea4f984f5ef6b244ba0177cb3 f27d451896ac6a8b768361e3f07c2adf1ee7ae6bcb92ac6d0bda7fb5cf915301
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=lgntopr.gif HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 581
Content-Type: image/gif
Cache-control: max-age=604800
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnbotl.gif | 122.56.53.186 | 200 OK | 9.3 kB |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnbotl.gif IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
Requested byhttps://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeGIF image data, version 89a, 456 x 54 Hashe0a2c263c6745f251720fe0876d140c4 51b2196c6b10b8c6443e4f91b4c6281134755f33 0e2cda541bf24815df2facd5729d44b70ef4e4bdd160169295944aefc9e51b0b
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=lgnbotl.gif HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 9311
Content-Type: image/gif
Cache-control: max-age=604800
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnexlogo.gif | 122.56.53.186 | 200 OK | 61 B |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnexlogo.gif IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
Requested byhttps://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeGIF image data, version 89a, 22 x 22 Hash873c522598fb6da9f70d5dde7ccf6213 c09fdcf5e3933b8efdae4505825e786462cdad51 b125c5f621a199d89bc496740d7dac72f1a8462465a1b61e331727f5d369b2f4
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=lgnexlogo.gif HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 61
Content-Type: image/gif
Cache-control: max-age=604800
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgntopl.gif | 122.56.53.186 | 200 OK | 5.9 kB |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgntopl.gif IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
Requested byhttps://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeGIF image data, version 89a, 456 x 115 Hash5fbc803f9c0b41f5993278b602a412dd 3cdc7c8b3524bb4afb5d8526b5ea8b148b2c3a8e 131f36b787379da6468a1ddce90804f55fb00b90851c583a6f4e0fb210f41321
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=lgntopl.gif HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 5938
Content-Type: image/gif
Cache-control: max-age=604800
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnbotr.gif | 122.56.53.186 | 200 OK | 2.4 kB |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnbotr.gif IP122.56.53.186:443 ASN#4648 Global-Gateway Internet
Requested byhttps://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeGIF image data, version 89a, 45 x 54 Hash43b7c46b32691aa778c5e49d139db8f5 e72b87c696eed81b71b853ce245a30377dce205e 97305ffb8ff74176df42bcd213e7cdfd7679630e19911a2db7b399c7960aec3e
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=lgnbotr.gif HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 2392
Content-Type: image/gif
Cache-control: max-age=604800
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnright.gif | 203.97.192.52 | 200 OK | 306 B |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnright.gif IP203.97.192.52:443 ASN#4768 One New Zealand Group Limited
Requested byhttps://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeGIF image data, version 89a, 15 x 200 Hash391603f1faee60db855bd11650dbbf72 9728452459447efcc7c453c2150139839fa174bc a9626d4f60b20f2da50f763f20d891a70625dde0dba68116896026c400b8b775
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=lgnright.gif HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=logon_style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 306
Content-Type: image/gif
Cache-control: max-age=604800
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnbotm.gif | 203.97.192.52 | 200 OK | 276 B |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnbotm.gif IP203.97.192.52:443 ASN#4768 One New Zealand Group Limited
Requested byhttps://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeGIF image data, version 89a, 1 x 54 Hash704330b6d293ce2d32780739218696b9 6ebd408ff617f5317595121191a92bd9ba69a01f 6097839fd066f359bbe21fb228714cd33385a6995a060eaa504ee190e3c1178a
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=lgnbotm.gif HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=logon_style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 276
Content-Type: image/gif
Cache-control: max-age=604800
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnleft.gif | 203.97.192.52 | 200 OK | 290 B |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgnleft.gif IP203.97.192.52:443 ASN#4768 One New Zealand Group Limited
Requested byhttps://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeGIF image data, version 89a, 15 x 200 Hashbaf34665612f4d59f7cfc06ea82da21d 2c8cf5f76499e66d609ddaac026720ef28078421 96a4b86c4a5ff1f1aa67c52287be64ebd51598d32cbd1249351e462cae549185
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=lgnleft.gif HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=logon_style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 290
Content-Type: image/gif
Cache-control: max-age=604800
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgntopm.gif | 203.97.192.52 | 200 OK | 58 B |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=lgntopm.gif IP203.97.192.52:443 ASN#4768 One New Zealand Group Limited
Requested byhttps://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeGIF image data, version 89a, 1 x 115 Hash0615717b3645a8573f07347cdb74d69f b707c5a9ede57d3232138ed7ccdb0b4ee9e56043 9d894a6800fd18d20423c66066097b9653be9eb3796f6a0e216dca220c45d6d6
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=lgntopm.gif HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=logon_style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 58
Content-Type: image/gif
Cache-control: max-age=604800
|
|
| webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=favicon.ico | 203.97.192.52 | 200 OK | 1.2 kB |
URL GET HTTP/1.1webmail.hanz.health.nz/CookieAuth.dll?GetPic?formdir=2&image=favicon.ico IP203.97.192.52:443 ASN#4768 One New Zealand Group Limited
Requested byhttps://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2 CertificateIssuerEntrust, Inc. Subject*.hanz.health.nz Fingerprint30:B7:D3:E3:B8:F4:CB:BD:52:D2:65:43:3F:D3:5D:7B:68:F9:9C:AC ValidityTue, 13 Jun 2023 02:31:41 GMT - Wed, 19 Jun 2024 02:31:41 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash738c26ac73a5817089c30ef2da9a707e 8832d1f0830554f33c62df6f52814410ef950f88 ee6a7f6889908066f36944f85661471d18eb93fa8577e7a719f3ad4b867cf381
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /CookieAuth.dll?GetPic?formdir=2&image=favicon.ico HTTP/1.1
Host: webmail.hanz.health.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.hanz.health.nz/CookieAuth.dll?GetLogon?curl=Z2Fag.exe&reason=0&formdir=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Length: 1150
Content-Type: image/x-icon
Cache-control: max-age=604800
|
|