Source: file:///C:/Users/user/Desktop/securedoc_20240328T081124.html |
Tab title: Secure Registered Envelope: RE: Shelby State Bank Payment Recovery GREAT LAKE ENERGY COOPERATIVE |
Source: securedoc_20240328T081124.html |
HTTP Parser: document.write |
Source: securedoc_20240328T081124.html |
HTTP Parser: location.href |
Source: securedoc_20240328T081124.html |
HTTP Parser: window.location |
Source: securedoc_20240328T081124.html |
HTTP Parser: Robin Olson <Robin.Olson@billpaysite.com> |
Source: file:///C:/Users/user/Desktop/securedoc_20240328T081124.html |
HTTP Parser: {'name':null,'msgID':'|1__25f86d1a0000018e852fc727d874571c4b1c3523@mx7.jackhenry.com','keysize':24,'flags':2049,'rid':'IidnbGVuZXJneUBnbGVuZXJneS5jb20nIiA8Z2xlbmVyZ3lAZ2xlbmVyZ3kuY29tPg==','algnames':{'encryption':{'data':'AES'}},'algparams':{'encryption':{'data':{'IV':'vdD6PCYd5sdb/jvJ+RK+Ow=='}}},'keyserverhost':'res.cisco.com:443','securereplyhost':'res.cisco.com:443','openerhost':'res.cisco.com:443','toc':[['Body-1711631484753.txt',1,'','',13,[0,10138],'Body-1711631484753.txt','ISO-8859-1'],['image001.png',2,'','image001.png',21,[10138,2455],'image001.png','ISO-8859-1'],['MessageBar.html',4,'','',1,[12593,29338],'MessageBar.html','ISO-8859-1']],'salt':'Xqs91DK162A/SAcs5GGDL33ft7U=','data':['','','']} |
Source: file:///C:/Users/user/Desktop/securedoc_20240328T081124.html |
HTTP Parser: glenergy@glenergy.com |
Source: https://3569326.fls.doubleclick.net/activityi;dc_pre=CO-K3_qZl4UDFfYbdgYdw7QLgg;src=3569326;type=viq0_0;cat=gl_vi000;u1=MjMuNDguMjAwLjEwMy43MzE5ODUxNzExNjM3MzA4NDU2;u4=018e8588f34200019ea13494d3f20506f007d06700918;u9=en;u18=us;ord=9591424704676.166? |
HTTP Parser: Base64 decoded: floodlight_config_id: 3569326advertiser_domain: "https://cisco.com"xfa_attribution_interaction_type: CONVERSIONdebug_key: 9197824840965220453ctc_conversion_bucket: 3archetype_id: 1archetype_id: 3archetype_id: 4archetype_id: 5archetype_id: 6arche... |
Source: securedoc_20240328T081124.html |
HTTP Parser: Title: Secure Registered Envelope:RE: Shelby State Bank Payment Recovery GREAT LAKE ENERGY COOPERATIVE does not match URL |
Source: https://res.cisco.com/websafe/root |
HTTP Parser: Title: Login does not match URL |
Source: securedoc_20240328T081124.html |
HTTP Parser: <input type="password" .../> found |
Source: securedoc_20240328T081124.html |
HTTP Parser: No favicon |
Source: file:///C:/Users/user/Desktop/securedoc_20240328T081124.html |
HTTP Parser: No favicon |
Source: https://res.cisco.com/websafe/root |
HTTP Parser: No favicon |
Source: https://res.cisco.com/websafe/help |
HTTP Parser: No favicon |
Source: https://www.cisco.com/c/en/us/td/docs/security/email_encryption/CRES/recipient_guide/b_Recipient/b_Recipient_chapter_011.html |
HTTP Parser: No favicon |
Source: https://www.cisco.com/c/en/us/td/docs/security/email_encryption/CRES/recipient_guide/b_Recipient/b_Recipient_chapter_011.html |
HTTP Parser: No favicon |
Source: https://www.cisco.com/c/en/us/td/docs/security/email_encryption/CRES/recipient_guide/b_Recipient/b_Recipient_chapter_011.html |
HTTP Parser: No favicon |
Source: https://www.cisco.com/c/en/us/td/docs/security/email_encryption/CRES/recipient_guide/b_Recipient/b_Recipient_chapter_011.html |
HTTP Parser: No favicon |
Source: https://www.cisco.com/c/en/us/td/docs/security/email_encryption/CRES/recipient_guide/b_Recipient/b_Recipient_chapter_011.html |
HTTP Parser: No favicon |
Source: https://3569326.fls.doubleclick.net/activityi;dc_pre=CO-K3_qZl4UDFfYbdgYdw7QLgg;src=3569326;type=viq0_0;cat=gl_vi000;u1=MjMuNDguMjAwLjEwMy43MzE5ODUxNzExNjM3MzA4NDU2;u4=018e8588f34200019ea13494d3f20506f007d06700918;u9=en;u18=us;ord=9591424704676.166? |
HTTP Parser: No favicon |
Source: https://3569326.fls.doubleclick.net/activityi;dc_pre=CPvwy_yZl4UDFREVdgYd2PIHKw;src=3569326;type=gl_au0;cat=gl_au0;ord=6148475032163;npa=0;auiddc=967978666.1711637338;u1=MjMuNDguMjAwLjEwMy43MzE5ODUxNzExNjM3MzA4NDU2;u4=018e8588f34200019ea13494d3f20506f007d06700918;u18=us;u9=en;gdid=dYmQxMT;ps=1;pcor=826317965;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe43p0v9179878328za200;gcd=13l3l3l3l1;dma=0;epver=2;match_id=MjMuNDguMjAwLjEwMy43MzE5ODUxNzExNjM3MzA4NDU2;~oref=https%3A%2F%2Fwww.cisco.com%2Fc%2Fen%2Fus%2Ftd%2Fdocs%2Fsecurity%2Femail_encryption%2FCRES%2Frecipient_guide%2Fb_Recipient%2Fb_Recipient_chapter_011.html? |
HTTP Parser: No favicon |
Source: https://3569326.fls.doubleclick.net/activityi;dc_pre=CJiJzfyZl4UDFWAPdgYdoSIIsg;src=3569326;type=visitor;cat=vis;npa=0;auiddc=967978666.1711637338;u1=MjMuNDguMjAwLjEwMy43MzE5ODUxNzExNjM3MzA4NDU2;u4=018e8588f34200019ea13494d3f20506f007d06700918;u9=en;u18=us;gdid=dYmQxMT;ps=1;pcor=1693232299;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe43p0v9179878328za200;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.cisco.com%2Fc%2Fen%2Fus%2Ftd%2Fdocs%2Fsecurity%2Femail_encryption%2FCRES%2Frecipient_guide%2Fb_Recipient%2Fb_Recipient_chapter_011.html? |
HTTP Parser: No favicon |
Source: https://14152266.fls.doubleclick.net/activityi;dc_pre=CLbXlv2Zl4UDFTTn5wMdTQcBGQ;src=14152266;type=viq0_0;cat=gl_vi001;ord=5624365521958;npa=0;auiddc=967978666.1711637338;u1=MjMuNDguMjAwLjEwMy43MzE5ODUxNzExNjM3MzA4NDU2;u4=018e8588f34200019ea13494d3f20506f007d06700918;u9=en;u18=us;gdid=dYmQxMT;ps=1;pcor=835500793;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe43p0za200;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.cisco.com%2Fc%2Fen%2Fus%2Ftd%2Fdocs%2Fsecurity%2Femail_encryption%2FCRES%2Frecipient_guide%2Fb_Recipient%2Fb_Recipient_chapter_011.html? |
HTTP Parser: No favicon |
Source: https://14152266.fls.doubleclick.net/activityi;dc_pre=COnYlv2Zl4UDFZAhdgYdwsgC0g;src=14152266;type=gl_au0;cat=gl_au0;ord=533540774880;npa=0;auiddc=967978666.1711637338;u1=MjMuNDguMjAwLjEwMy43MzE5ODUxNzExNjM3MzA4NDU2;u4=018e8588f34200019ea13494d3f20506f007d06700918;u9=en;u18=us;gdid=dYmQxMT;ps=1;pcor=211706225;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe43p0za200;gcd=13l3l3l3l1;dma=0;epver=2;match_id=MjMuNDguMjAwLjEwMy43MzE5ODUxNzExNjM3MzA4NDU2;~oref=https%3A%2F%2Fwww.cisco.com%2Fc%2Fen%2Fus%2Ftd%2Fdocs%2Fsecurity%2Femail_encryption%2FCRES%2Frecipient_guide%2Fb_Recipient%2Fb_Recipient_chapter_011.html? |
HTTP Parser: No favicon |
Source: securedoc_20240328T081124.html |
HTTP Parser: No <meta name="author".. found |
Source: https://res.cisco.com/websafe/root |
HTTP Parser: No <meta name="author".. found |
Source: https://res.cisco.com/websafe/root |
HTTP Parser: No <meta name="copyright".. found |
Source: unknown |
HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49744 version: TLS 1.0 |
Source: unknown |
HTTPS traffic detected: 23.209.58.93:443 -> 192.168.2.5:49741 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.5:49742 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 23.209.58.93:443 -> 192.168.2.5:49746 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.5:49758 version: TLS 1.2 |
Source: unknown |
Network traffic detected: DNS query count 73 |
Source: global traffic |
HTTP traffic detected: GET /envelopeopener/pf/ZGJAVG9rZW45NjI6MTExODg!/.AhgNw5Nj-phZ3JPG.sANpeDFJRefsPD3fAGMHuThy5mMEC-L54SqYzghKEeiEYBgLa4kgwFyZVtRANTJ-NnCF5G-SrFAD6Y1g!!/?p=0&d=%7B%27name%27%3Anull,%0D%0A%27msgID%27%3A%27%7C1__25f86d1a0000018e852fc727d874571c4b1c3523%40mx7%2Ejackhenry%2Ecom%27,%0D%0A%27keysize%27%3A24,%0D%0A%27flags%27%3A2049,%0D%0A%27rid%27%3A%27IidnbGVuZXJneUBnbGVuZXJneS5jb20nIiA8Z2xlbmVyZ3lAZ2xlbmVyZ3kuY29tPg%3D%3D%27,%0D%0A%27algnames%27%3A%7B%27encryption%27%3A%7B%27data%27%3A%27AES%27%7D%7D,%0D%0A%27algparams%27%3A%7B%27encryption%27%3A%7B%27data%27%3A%7B%27IV%27%3A%27vdD6PCYd5sdb%2FjvJ%2BRK%2BOw%3D%3D%27%7D%7D%7D,%0D%0A%27keyserverhost%27%3A%27res%2Ecisco%2Ecom%3A443%27,%0D%0A%27securereplyhost%27%3A%27res%2Ecisco%2Ecom%3A443%27,%0D%0A%27openerhost%27%3A%27res%2Ecisco%2Ecom%3A443%27,%0D%0A%27toc%27%3A%5B%0D%0A%5B%27Body-1711631484753%2Etxt%27,1,%0D%0A%27%27,%0D%0A%27%27,%0D%0A13,%5B0,10138%5D,%27Body-1711631484753%2Etxt%27,%0D%0A%27ISO-8859-1%27%5D,%0D%0A%5B%27image001%2Epng%27,2,%0D%0A%27%27,%0D%0A%27image001%2Epng%27,%0D%0A21,%5B10138,2455%5D,%27image001%2Epng%27,%0D%0A%27ISO-8859-1%27%5D,%0D%0A%5B%27MessageBar%2Ehtml%27,4,%0D%0A%27%27,%0D%0A%27%27,%0D%0A1,%5B12593,29338%5D,%27MessageBar%2Ehtml%27,%0D%0A%27ISO-8859-1%27%5D%0D%0A%5D,%0D%0A%27salt%27%3A%27Xqs91DK162A%2FSAcs5GGDL33ft7U%3D%27,%0D%0A%27data%27%3A%5B%0D%0A%27%27,%27DSJRvn2zMAzMPPzFUGaYIjMKefNgTfJrIo7%2Bfbos6cwk8F%2F2aoHwT%2B5lyxxjmP8tPOD7oKnQsPV%2FVH7085LXQ%2FttaDDOwLdXCjwC2S%2FbepEcoARPCtQEQ8Sdi5R6Zo3B96X0AVNIM2%2FVsEaFXp5kRYqHh5ksSBuEbHeQJF6Tx8WqtogruBnSu4qiT3Uz1usgxS1qvZl3JYtXxNeJ4rUkSzwsjjejXvk5J1mXK9Jc2WSdSxwydTYidgI%2B21hXKVU0NuluSmqGJsgzQcQQ1tgsFN0DnJ0mpstX6pEYXemYZW%2BwZDuhIdsSSigM1775B8XjNgjnWPV63EkAAbn3Z6%2FmOg9Gb64DCJgpvGUw9vEUDUPKCQK3dZ5ZmsnxMltoPKsQNAvUDIdHhaTP95hxUay2%2Fa85UXdvngr5d2iDdDbPcs4zJaww0qybl3fLXINNy62fx8B8Ju29%2F12qGWzmCBSxDxo0kwKQt%2BbLNfShGr11WX7%2BBgkCLaY%2FPMPegL83RjAJIAmCdYu6h5m65oajvZmiIiIBNXB5GhIrg0PIayHnhFQ%2BXIpwHLMeY6gtKZgQjtjAjk2i9K3%2F9gKWR%2BOtvwSOcj%2F%2BwSyinwnOOu2c7WCI6YmkRGxtVMonTX8swbMOZLk1jydsazl5VDf1hL4mJz0CvLbulCkeqFk3HJxIk5q0flF5ud45TAstt7%2FQB9g6HO%2Bpz3pTylm2%2FEsXwrSPhJ1GQ7nDGEf4%2B%2FLbRWGu276zR8ikEK9UgGw1IF65VPVHz1FE2DD%2BgBOZGddjUxccGgV%2FEe8ytOpu0UbpyjqtevrarwT93zAjtQfQLeYHyvtjwGPfdm3X80PqsYevwi9fjhlG%2BrgCLIST2JReQDXsWdjGl1x8lGUZuQa9cdM0OGUu806yAtteKc60h5kXo253QjxUtWkBQp1sYcwt0ksqxVT6%2FTPU6x7aD9XUj%2F%2ByNZyTtb2PKX9k5ThLB3PRs00pWolPK8Sbtqu%2FQ393ueQwu%2FA2afWap6XiIBuFq24ZpolmVW%2F%2B8xB |