qmy4.ru.com/oXJcoXJc/oXJcoXJc/bWFkaXMucGlrYXRAaGVpZGVsYmVyZ2NlbWVudC5jb20=
216.10.251.242 0 B URL qmy4.ru.com/oXJcoXJc/oXJcoXJc/bWFkaXMucGlrYXRAaGVpZGVsYmVyZ2NlbWVudC5jb20=
IP 216.10.251.242:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
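Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of empty input (the body is 0 B), so they match any empty response and do not identify this page.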
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Microsoft Outlook
GET /oXJcoXJc/oXJcoXJc/bWFkaXMucGlrYXRAaGVpZGVsYmVyZ2NlbWVudC5jb20= HTTP/1.1
Host: qmy4.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 Nov 2023 21:28:20 GMT
Server: Apache
refresh: 0;url=https://tango-gmbh.net/Mmadis.pikat@heidelbergcement.com
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
aadcdn.msauthimages.net/c1c6b6c8-dffpcpuomanyg7pck-4mv33i02pxzrduokurxc6-hjc/logintenantbranding/0/bannerlogo?ts=637992835545826609
152.199.23.72 200 OK 6.7 kB URL GET HTTP/2 aadcdn.msauthimages.net/c1c6b6c8-dffpcpuomanyg7pck-4mv33i02pxzrduokurxc6-hjc/logintenantbranding/0/bannerlogo?ts=637992835545826609
IP 152.199.23.72:443
Requested by https://tango-gmbh.net/beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499
Certificate Issuer Microsoft Corporation
Subject aadcdn.msauthimages.net
Fingerprint 6B:EB:AC:06:FC:06:82:11:17:1C:6B:72:7D:B5:95:2D:CF:E7:A3:5D
Validity Wed, 08 Mar 2023 11:16:34 GMT - Sat, 02 Mar 2024 11:16:34 GMT
File type PNG image data, 210 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c261f2af7f98babea1bf5f00c739b6c
d47e26e0c5577f1428eed6b5488ff291c76e8c54
bb2227916435f9b8ac732a54ef23101701c182d5ee7151955a6bf0c5dd5e08ce
GET /c1c6b6c8-dffpcpuomanyg7pck-4mv33i02pxzrduokurxc6-hjc/logintenantbranding/0/bannerlogo?ts=637992835545826609 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tango-gmbh.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 42911
cache-control: public, max-age=86400
content-md5: bCYfKvf5i6vqG/XwDHObbA==
content-type: image/*
date: Fri, 10 Nov 2023 21:28:26 GMT
etag: 0x8DA9B1A8BFA76F3
last-modified: Tue, 20 Sep 2022 15:12:34 GMT
server: ECAcc (ska/F6F5)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 574f3be6-901e-0023-7fb8-1343f9000000
x-ms-version: 2009-09-19
content-length: 6705
X-Firefox-Spdy: h2
aadcdn.msauthimages.net/c1c6b6c8-dffpcpuomanyg7pck-4mv33i02pxzrduokurxc6-hjc/logintenantbranding/0/illustration?ts=638000584329163833
152.199.23.72 200 OK 296 kB URL GET HTTP/2 aadcdn.msauthimages.net/c1c6b6c8-dffpcpuomanyg7pck-4mv33i02pxzrduokurxc6-hjc/logintenantbranding/0/illustration?ts=638000584329163833
IP 152.199.23.72:443
Requested by https://tango-gmbh.net/beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499
Certificate Issuer Microsoft Corporation
Subject aadcdn.msauthimages.net
Fingerprint 6B:EB:AC:06:FC:06:82:11:17:1C:6B:72:7D:B5:95:2D:CF:E7:A3:5D
Validity Wed, 08 Mar 2023 11:16:34 GMT - Sat, 02 Mar 2024 11:16:34 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1020x680, components 3\012- data
Size 296 kB (296210 bytes)
Hash fc6cc706c53a01e63ce7d23e65e2ea9d
116f3b98d511759178eb65d1404abcfc9169ebf4
bdec6f15b71af48866fd8c76bc977de86580c7950f309fd136529e5926f4a7c3
GET /c1c6b6c8-dffpcpuomanyg7pck-4mv33i02pxzrduokurxc6-hjc/logintenantbranding/0/illustration?ts=638000584329163833 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tango-gmbh.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 38512
cache-control: public, max-age=86400
content-md5: /GzHBsU6AeY859I+ZeLqnQ==
content-type: image/*
date: Fri, 10 Nov 2023 21:28:26 GMT
etag: 0x8DAA226B3A35975
last-modified: Thu, 29 Sep 2022 14:27:13 GMT
server: ECAcc (ska/F69F)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 4afa7270-001e-0062-07c3-136bea000000
x-ms-version: 2009-09-19
content-length: 296210
X-Firefox-Spdy: h2
unpkg.com/axios@1.6.1/dist/axios.min.js
104.16.124.175 200 OK 34 kB URL GET HTTP/2 unpkg.com/axios@1.6.1/dist/axios.min.js
IP 104.16.124.175:443
Requested by https://tango-gmbh.net/beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint F7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
Validity Tue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (33497)
Hash af64c1f968c73e459a73e1c0de40f298
01f89f3459810156ea4943ccfb21df6652a32467
858bd7db821a6ffaf2ac91014798c35b47794163b90aa0e0c3635fa9458fc272
GET /axios@1.6.1/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tango-gmbh.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 Nov 2023 21:28:25 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"8300-AfifNFmBAVbqSUPM+yHfZlKjJGc"
via: 1.1 fly.io
fly-request-id: 01HEQR9JTSBYV23H0MF5EEBJTZ-arn
cf-cache-status: HIT
age: 194906
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8241629709c15690-OSL
content-encoding: br
X-Firefox-Spdy: h2
tango-gmbh.net/Mmadis.pikat@heidelbergcement.com
172.67.223.95 403 Forbidden 6.4 kB URL User Request GET HTTP/2 tango-gmbh.net/Mmadis.pikat@heidelbergcement.com
IP 172.67.223.95:443
Certificate Issuer Google Trust Services LLC
Subject tango-gmbh.net
Fingerprint D4:6B:8A:2E:9F:E5:74:2C:97:8A:6C:8A:7C:AC:CB:C6:27:DE:C9:84
Validity Fri, 20 Oct 2023 01:15:46 GMT - Thu, 18 Jan 2024 01:15:45 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6445), with no line terminators
Hash 522d5a1c2ceed106b1da474f7e657976
3a0aa43155785c5db23f8b1477c5f99244894eeb
5703cb4ece1b57aa88b17ff2902b05d55c953cd9cb79710771faba4348f18fb7
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Microsoft Outlook
GET /Mmadis.pikat@heidelbergcement.com HTTP/1.1
Host: tango-gmbh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 10 Nov 2023 21:28:21 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWr8Sm3psuzC7LT%2B1RwDBdCoU9Z7LHcbd7jy%2FMKj627o3iKeqMs%2F56ZzBJfvV%2FXns21ejBtElqNW2xncY7hT0nBcIdow3l4mYXNUZYDGaK6wKq4mCsLJHzvCukIG9vFtEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82416280d859712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
tango-gmbh.net/ic/15c13cae90c2a02bdbb25d512e65f1b8654ea0799c801
172.67.223.95 200 OK 17 kB URL GET HTTP/3 tango-gmbh.net/ic/15c13cae90c2a02bdbb25d512e65f1b8654ea0799c801
IP 172.67.223.95:443
Requested by https://tango-gmbh.net/beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499
Certificate Issuer Google Trust Services LLC
Subject tango-gmbh.net
Fingerprint D4:6B:8A:2E:9F:E5:74:2C:97:8A:6C:8A:7C:AC:CB:C6:27:DE:C9:84
Validity Fri, 20 Oct 2023 01:15:46 GMT - Thu, 18 Jan 2024 01:15:45 GMT
File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Hash 12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /ic/15c13cae90c2a02bdbb25d512e65f1b8654ea0799c801 HTTP/1.1
Host: tango-gmbh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tango-gmbh.net/beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499
Cookie: cf_clearance=dNCrhO8OxnEcflgdP5keVlZcca2qNGBGCBx_9G3031k-1699651701-0-1-69b0ef05.7e78ddc4.3eb1b0e5-160.0.0; PHPSESSID=1ba75d45d5b5776126d9abc76f7ba9d6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 Nov 2023 21:28:26 GMT
content-type: image/x-icon
cache-control: public, max-age=604800
expires: Fri, 17 Nov 2023 21:28:26 GMT
last-modified: Wed, 08 Nov 2023 08:01:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Em2qLBXFT%2Fr9HaCrwuCQqYZVhJ3JDrVcjOEuFAIYGGJia0Bdgx2SJCFLnT9seAFmStKOXxmR4XnsUwaXIbbAObE4gHbUITmCqQPO8gF6SatJL%2BAjC9Thkd7FAwnNXfp8uA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8241629bbaaeb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tango-gmbh.net/jm/15c13cae90c2a02bdbb25d512e65f1b8654ea079400ed
172.67.223.95 200 OK 6.4 kB URL GET HTTP/3 tango-gmbh.net/jm/15c13cae90c2a02bdbb25d512e65f1b8654ea079400ed
IP 172.67.223.95:443
Requested by https://tango-gmbh.net/beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499
Certificate Issuer Google Trust Services LLC
Subject tango-gmbh.net
Fingerprint D4:6B:8A:2E:9F:E5:74:2C:97:8A:6C:8A:7C:AC:CB:C6:27:DE:C9:84
Validity Fri, 20 Oct 2023 01:15:46 GMT - Thu, 18 Jan 2024 01:15:45 GMT
File type ASCII text, with very long lines (6376), with no line terminators
Hash 1e07a363eef4b40ab4a38d5e4371da5c
7351be2a378540a016aec380141927221a45f19b
01ba4de80540981fd34be681b5c1fce8b205e341ac6fa73a61817068ff566510
GET /jm/15c13cae90c2a02bdbb25d512e65f1b8654ea079400ed HTTP/1.1
Host: tango-gmbh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tango-gmbh.net/beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499
Cookie: cf_clearance=dNCrhO8OxnEcflgdP5keVlZcca2qNGBGCBx_9G3031k-1699651701-0-1-69b0ef05.7e78ddc4.3eb1b0e5-160.0.0; PHPSESSID=1ba75d45d5b5776126d9abc76f7ba9d6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 Nov 2023 21:28:25 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 17 Nov 2023 21:28:25 GMT
last-modified: Wed, 08 Nov 2023 08:01:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6zOsK8rc%2FOS%2FYcWpbghNb2J96Xn3votu3ggGU2TsyUTeSJztum7J%2FWZ3ZUs9%2BGbrv3rtdAcUL%2BcGrbJVjJyHw5CQDTj8Rgv4AN9oQQUoDZsg%2Fw9BsNeOWDAKafSG6DvwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82416296cea2b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
unpkg.com/axios/dist/axios.min.js
104.16.124.175 302 Found 34 kB URL GET HTTP/2 unpkg.com/axios/dist/axios.min.js
IP 104.16.124.175:443
Requested by https://tango-gmbh.net/beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint F7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
Validity Tue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
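Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of empty input; this entry is a 302 redirect, so they do not identify the script that was eventually served and are not usable as indicators.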
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tango-gmbh.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 10 Nov 2023 21:28:25 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.6.1/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01HEXHM0Y44BW7ZP3JK7TAQYN0-arn
cf-cache-status: HIT
age: 579
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82416296e9a85690-OSL
X-Firefox-Spdy: h2
tango-gmbh.net/beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499
172.67.223.95 200 OK 5.5 kB URL User Request GET HTTP/3 tango-gmbh.net/beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499
IP 172.67.223.95:443
Certificate Issuer Google Trust Services LLC
Subject tango-gmbh.net
Fingerprint D4:6B:8A:2E:9F:E5:74:2C:97:8A:6C:8A:7C:AC:CB:C6:27:DE:C9:84
Validity Fri, 20 Oct 2023 01:15:46 GMT - Thu, 18 Jan 2024 01:15:45 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5541), with no line terminators
Hash 2778116ae2bcb1a9e937c42b5d42456f
774455f8bdc311c8977ae515754e323beb2b8c46
2893c6e6e416ca6dd21bdad75ef879a109f6f3fc379d9983a96e721c2bc16adf
GET /beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499 HTTP/1.1
Host: tango-gmbh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tango-gmbh.net/Mmadis.pikat@heidelbergcement.com?__cf_chl_tk=QF0A06X4u0fuHcF9y0s2.suwHuKrYeQl8YJ3T834aLk-1699651701-0-gaNycGzNDBA
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=dNCrhO8OxnEcflgdP5keVlZcca2qNGBGCBx_9G3031k-1699651701-0-1-69b0ef05.7e78ddc4.3eb1b0e5-160.0.0; PHPSESSID=1ba75d45d5b5776126d9abc76f7ba9d6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 Nov 2023 21:28:25 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aN1v5olYy2yTcAgE1ZuqCU61DRJPicDFwirocbCSCZoLdpMu2kiKWGT%2FxX0AqP7pRmcbzEaTB%2BPV689O%2FL9jYSiGOesbn5Uh3lSp0OwoYroRtujxP4sSr8HJW7B5Qjg1Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82416295cda8b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tango-gmbh.net/Mmadis.pikat@heidelbergcement.com
172.67.223.95 302 Found 5.5 kB URL User Request POST HTTP/3 tango-gmbh.net/Mmadis.pikat@heidelbergcement.com
IP 172.67.223.95:443
Certificate Issuer Google Trust Services LLC
Subject tango-gmbh.net
Fingerprint D4:6B:8A:2E:9F:E5:74:2C:97:8A:6C:8A:7C:AC:CB:C6:27:DE:C9:84
Validity Fri, 20 Oct 2023 01:15:46 GMT - Thu, 18 Jan 2024 01:15:45 GMT
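Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of empty input; this entry is a 302 redirect, so they do not identify the page that follows and are not usable as indicators.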
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Microsoft Outlook
POST /Mmadis.pikat@heidelbergcement.com HTTP/1.1
Host: tango-gmbh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tango-gmbh.net/Mmadis.pikat@heidelbergcement.com?__cf_chl_tk=QF0A06X4u0fuHcF9y0s2.suwHuKrYeQl8YJ3T834aLk-1699651701-0-gaNycGzNDBA
Content-Type: application/x-www-form-urlencoded
Content-Length: 3489
Origin: https://tango-gmbh.net
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Fri, 10 Nov 2023 21:28:25 GMT
content-type: text/html; charset=UTF-8
location: ./beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499
set-cookie: cf_clearance=dNCrhO8OxnEcflgdP5keVlZcca2qNGBGCBx_9G3031k-1699651701-0-1-69b0ef05.7e78ddc4.3eb1b0e5-160.0.0; path=/; expires=Sat, 09-Nov-24 21:28:24 GMT; domain=.tango-gmbh.net; HttpOnly; Secure; SameSite=None
set-cookie: PHPSESSID=1ba75d45d5b5776126d9abc76f7ba9d6; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZJ4thrZiej9QuHhKl%2FWQTUnkiG4JqJW9L9AkKfXnRFK2PNBNDQTxbwf%2FkchDuDNFifkCFfskv0anKQXpvHA5IaafCMacHSQm%2BnR62haKdERxOrzh0r3fo%2BfCK8PBxfDfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82416293bbccb50b-OSL
alt-svc: h3=":443"; ma=86400
tango-gmbh.net/jq/15c13cae90c2a02bdbb25d512e65f1b8654ea079400e9
172.67.223.95 200 OK 86 kB URL GET HTTP/3 tango-gmbh.net/jq/15c13cae90c2a02bdbb25d512e65f1b8654ea079400e9
IP 172.67.223.95:443
Requested by https://tango-gmbh.net/beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499
Certificate Issuer Google Trust Services LLC
Subject tango-gmbh.net
Fingerprint D4:6B:8A:2E:9F:E5:74:2C:97:8A:6C:8A:7C:AC:CB:C6:27:DE:C9:84
Validity Fri, 20 Oct 2023 01:15:46 GMT - Thu, 18 Jan 2024 01:15:45 GMT
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /jq/15c13cae90c2a02bdbb25d512e65f1b8654ea079400e9 HTTP/1.1
Host: tango-gmbh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tango-gmbh.net/beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499
Cookie: cf_clearance=dNCrhO8OxnEcflgdP5keVlZcca2qNGBGCBx_9G3031k-1699651701-0-1-69b0ef05.7e78ddc4.3eb1b0e5-160.0.0; PHPSESSID=1ba75d45d5b5776126d9abc76f7ba9d6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 Nov 2023 21:28:25 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 17 Nov 2023 21:28:25 GMT
last-modified: Wed, 08 Nov 2023 08:01:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9PKn%2FIbv8tHb%2BGmVw%2FOjNBY0CSodlmutdNgm%2Fpas4Hr0z8ef3x%2FCO5BQUt0Y4RYmizyTVB%2FxQ2Nr0%2F3fyExahpaO4xQF0LipgYu4OhbWmRXUmMjQKcLSAytH37Dly0O2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82416296ce9db50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tango-gmbh.net/o/15c13cae90c2a02bdbb25d512e65f1b8654ea0799c832
172.67.223.95 200 OK 3.7 kB URL GET HTTP/3 tango-gmbh.net/o/15c13cae90c2a02bdbb25d512e65f1b8654ea0799c832
IP 172.67.223.95:443
Requested by https://tango-gmbh.net/beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499
Certificate Issuer Google Trust Services LLC
Subject tango-gmbh.net
Fingerprint D4:6B:8A:2E:9F:E5:74:2C:97:8A:6C:8A:7C:AC:CB:C6:27:DE:C9:84
Validity Fri, 20 Oct 2023 01:15:46 GMT - Thu, 18 Jan 2024 01:15:45 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3695), with no line terminators
Hash d633a913e6f3b1f45774b9874dfc85e0
5ba1344048578062c93cfddfdf8458477eaca476
c1fbfbd9a81fc4d9c9539a65bdfb4c6738926b8d4681b0346706196413e92714
GET /o/15c13cae90c2a02bdbb25d512e65f1b8654ea0799c832 HTTP/1.1
Host: tango-gmbh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tango-gmbh.net/beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499
Cookie: cf_clearance=dNCrhO8OxnEcflgdP5keVlZcca2qNGBGCBx_9G3031k-1699651701-0-1-69b0ef05.7e78ddc4.3eb1b0e5-160.0.0; PHPSESSID=1ba75d45d5b5776126d9abc76f7ba9d6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 Nov 2023 21:28:25 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Fri, 17 Nov 2023 21:28:25 GMT
last-modified: Wed, 08 Nov 2023 08:01:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmShpE%2BZZKnGwa3o0B%2BTjfh3kZYAVs9gqnLqsgJVILO3oToeFLoVg%2BAj5KJlF4nkjlrj6QNAOMDl7ERIxk%2FhaRC42t4l05TiJ5SMnFmV8eXyYrPpXKqPnljsl%2FW%2FOq1Rbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824162988ff2b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tango-gmbh.net/e/15c13cae90c2a02bdbb25d512e65f1b8654ea0799c839
172.67.223.95 200 OK 513 B URL GET HTTP/3 tango-gmbh.net/e/15c13cae90c2a02bdbb25d512e65f1b8654ea0799c839
IP 172.67.223.95:443
Requested by https://tango-gmbh.net/beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499
Certificate Issuer Google Trust Services LLC
Subject tango-gmbh.net
Fingerprint D4:6B:8A:2E:9F:E5:74:2C:97:8A:6C:8A:7C:AC:CB:C6:27:DE:C9:84
Validity Fri, 20 Oct 2023 01:15:46 GMT - Thu, 18 Jan 2024 01:15:45 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (529), with no line terminators
Hash adc405f5fd089662209870ca5d2106f7
3a8b776df84bf251afc6ddd802cc5bbeddfb0e36
e7bacc97751689afaae192e103fe9851664365c57c7d783560860ad456db7e49
GET /e/15c13cae90c2a02bdbb25d512e65f1b8654ea0799c839 HTTP/1.1
Host: tango-gmbh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tango-gmbh.net/beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499
Cookie: cf_clearance=dNCrhO8OxnEcflgdP5keVlZcca2qNGBGCBx_9G3031k-1699651701-0-1-69b0ef05.7e78ddc4.3eb1b0e5-160.0.0; PHPSESSID=1ba75d45d5b5776126d9abc76f7ba9d6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 Nov 2023 21:28:25 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Fri, 17 Nov 2023 21:28:25 GMT
last-modified: Wed, 08 Nov 2023 08:01:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXNMLKFBTO8erBhv5mxehsT2v9cTA0EIsPMx38AIRYFWS4NGqrT4Y53dkaxK6cKhGJSWuJrgK7Nf856rYyK68j7%2B71xOjS3Y%2BvwoHBpufA9A%2BDbh28QY5p%2F3WOJwkblYvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824162988ff4b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tango-gmbh.net/api-as1f?email=madis.pikat@heidelbergcement.com&data=logo
172.67.223.95 200 OK 168 B URL GET HTTP/3 tango-gmbh.net/api-as1f?email=madis.pikat@heidelbergcement.com&data=logo
IP 172.67.223.95:443
Requested by https://tango-gmbh.net/beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499
Certificate Issuer Google Trust Services LLC
Subject tango-gmbh.net
Fingerprint D4:6B:8A:2E:9F:E5:74:2C:97:8A:6C:8A:7C:AC:CB:C6:27:DE:C9:84
Validity Fri, 20 Oct 2023 01:15:46 GMT - Thu, 18 Jan 2024 01:15:45 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 2e7650eddb753a77c2e286d73a3a6dae
ef493b8e6090ab02272456ed0580eca05324d1f7
866607bdac45930ea0dae3ca8506e0eb9e2ced5d0e94e55dec9ebeea94f8e370
GET /api-as1f?email=madis.pikat@heidelbergcement.com&data=logo HTTP/1.1
Host: tango-gmbh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tango-gmbh.net/beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499
Cookie: cf_clearance=dNCrhO8OxnEcflgdP5keVlZcca2qNGBGCBx_9G3031k-1699651701-0-1-69b0ef05.7e78ddc4.3eb1b0e5-160.0.0; PHPSESSID=1ba75d45d5b5776126d9abc76f7ba9d6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 Nov 2023 21:28:25 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FmCIPE2cjfw06zZRthgJBNFO6dFMz4QJoOCcV7bCngPIb8hsaWt6K2lyZBQ46DhE6DNOJIUTwXloSwnadK8fn4P0d675iOUlwYA6f%2BmLQ1%2BbLJARrop4qS3pBe3HNaxmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824162989800b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tango-gmbh.net/APP-JZH00C/15c13cae90c2a02bdbb25d512e65f1b8654ea0799c809
172.67.223.95 200 OK 105 kB URL GET HTTP/3 tango-gmbh.net/APP-JZH00C/15c13cae90c2a02bdbb25d512e65f1b8654ea0799c809
IP 172.67.223.95:443
Requested by https://tango-gmbh.net/beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499
Certificate Issuer Google Trust Services LLC
Subject tango-gmbh.net
Fingerprint D4:6B:8A:2E:9F:E5:74:2C:97:8A:6C:8A:7C:AC:CB:C6:27:DE:C9:84
Validity Fri, 20 Oct 2023 01:15:46 GMT - Thu, 18 Jan 2024 01:15:45 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 105 kB (105369 bytes)
Hash 8e6b0f88563f9c33f78bce65cf287df7
ef7765cd2a7d64ed27dd7344702597aff6f8c397
a7057bebfff43e7281ca31da00d40bd88c8d02d1576b9c45891dd56a3853269a
GET /APP-JZH00C/15c13cae90c2a02bdbb25d512e65f1b8654ea0799c809 HTTP/1.1
Host: tango-gmbh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tango-gmbh.net/beebb091955c06fa68b3eb8afc0bae51654ea07933498PASbeebb091955c06fa68b3eb8afc0bae51654ea07933499
Cookie: cf_clearance=dNCrhO8OxnEcflgdP5keVlZcca2qNGBGCBx_9G3031k-1699651701-0-1-69b0ef05.7e78ddc4.3eb1b0e5-160.0.0; PHPSESSID=1ba75d45d5b5776126d9abc76f7ba9d6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 Nov 2023 21:28:25 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 17 Nov 2023 21:28:25 GMT
last-modified: Wed, 08 Nov 2023 08:01:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmjZubvSEv338RI8YN8uEigtGiDTqj5kIBmbRPlGVaYR3P6oA4Gi3wJg%2F2OJPRNeYtCv%2BIny2dTHg4QjlwyyfA4HG5kN4QvnAxzjCwxxsM5wLiB7rt4BmQOlpEOD6sbhdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82416298a809b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400