Click to jump to signature section
Source: securedoc_20240327T095809.html | HTTP Parser: document.write |
Source: securedoc_20240327T095809.html | HTTP Parser: location.href |
Source: securedoc_20240327T095809.html | HTTP Parser: window.location |
Source: securedoc_20240327T095809.html | HTTP Parser: "Carruthers, Crystal" <crystal.carruthers@optum.com> |
Source: securedoc_20240327T095809.html | HTTP Parser: Secure Message from crystal.carruthers@optum.com |
Source: file:///C:/Users/user/Desktop/securedoc_20240327T095809.html | HTTP Parser: {'name':null,'msgID':'|1__012393150000018e806b24aa956f8f48f98e19c2@ovarp0688.corpmailsvcs.com','keysize':24,'flags':3073,'rid':'YWNjb3VudHNwYXlhYmxlIDxhY2NvdW50c3BheWFibGVAY3JhbmV3YXJlLmNvbT4sICJwaGFybWFjeWJpbGxpbmdhZG1pbkBjaGFuZ2VoZWFsdGhjYXJlLmNvbSIgPHBoYXJtYWN5YmlsbGluZ2FkbWluQGNoYW5nZWhlYWx0aGNhcmUuY29tPg==','algnames':{'encryption':{'data':'AES'}},'algparams':{'encryption':{'data':{'IV':'LHCijzkUvfOdEEtnk6xpAw=='}}},'keyserverhost':'res.cisco.com:443','securereplyhost':'res.cisco.com:443','openerhost':'res.cisco.com:443','toc':[['Body-1711551489199.txt',1,'','',13,[0,43824],'Body-1711551489199.txt','UTF-16'],['image002.png',2,'','image002.png',21,[43824,3817],'image002.png','ISO-8859-1'],['image003.png',2,'','image003.png',21,[47641,5468],'image003.png','ISO-8859-1'],['MessageBar.html',4,'','',1,[53109,63586],'MessageBar.html','UTF-16']],'salt':'frfzhcw7G/NdlMuvS+fQLm5CkoE=','data':['','','']} |
Source: securedoc_20240327T095809.html | HTTP Parser: Title: Secure Registered Envelope:Secure Message from crystal.carruthers@optum.com does not match URL |
Source: securedoc_20240327T095809.html | HTTP Parser: <input type="password" .../> found |
Source: securedoc_20240327T095809.html | HTTP Parser: No favicon |
Source: file:///C:/Users/user/Desktop/securedoc_20240327T095809.html | HTTP Parser: No favicon |
Source: securedoc_20240327T095809.html | HTTP Parser: No <meta name="author".. found |
Source: unknown | HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49731 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.16:49733 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.16:49734 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49737 version: TLS 1.2 |
Source: global traffic | HTTP traffic detected: GET /envelopeopener/pf/ZGJAVG9rZW4zMzcxOjEzNTk2/qqjZBFuv.ItibTT6WGs4TKRTMy5HM1s9Og5FScWoIX8HSOlD-T5Z5mfGe6y5Crm60-L9VYKHBc1CQifQaF0UuKtCP6TgMRwuuw!!/?p=0&d=%7B%27name%27%3Anull,%0D%0A%27msgID%27%3A%27%7C1__012393150000018e806b24aa956f8f48f98e19c2%40ovarp0688%2Ecorpmailsvcs%2Ecom%27,%0D%0A%27keysize%27%3A24,%0D%0A%27flags%27%3A3073,%0D%0A%27rid%27%3A%27YWNjb3VudHNwYXlhYmxlIDxhY2NvdW50c3BheWFibGVAY3JhbmV3YXJlLmNvbT4sICJwaGFybWFjeWJpbGxpbmdhZG1pbkBjaGFuZ2VoZWFsdGhjYXJlLmNvbSIgPHBoYXJtYWN5YmlsbGluZ2FkbWluQGNoYW5nZWhlYWx0aGNhcmUuY29tPg%3D%3D%27,%0D%0A%27algnames%27%3A%7B%27encryption%27%3A%7B%27data%27%3A%27AES%27%7D%7D,%0D%0A%27algparams%27%3A%7B%27encryption%27%3A%7B%27data%27%3A%7B%27IV%27%3A%27LHCijzkUvfOdEEtnk6xpAw%3D%3D%27%7D%7D%7D,%0D%0A%27keyserverhost%27%3A%27res%2Ecisco%2Ecom%3A443%27,%0D%0A%27securereplyhost%27%3A%27res%2Ecisco%2Ecom%3A443%27,%0D%0A%27openerhost%27%3A%27res%2Ecisco%2Ecom%3A443%27,%0D%0A%27toc%27%3A%5B%0D%0A%5B%27Body-1711551489199%2Etxt%27,1,%0D%0A%27%27,%0D%0A%27%27,%0D%0A13,%5B0,43824%5D,%27Body-1711551489199%2Etxt%27,%0D%0A%27UTF-16%27%5D,%0D%0A%5B%27image002%2Epng%27,2,%0D%0A%27%27,%0D%0A%27image002%2Epng%27,%0D%0A21,%5B43824,3817%5D,%27image002%2Epng%27,%0D%0A%27ISO-8859-1%27%5D,%0D%0A%5B%27image003%2Epng%27,2,%0D%0A%27%27,%0D%0A%27image003%2Epng%27,%0D%0A21,%5B47641,5468%5D,%27image003%2Epng%27,%0D%0A%27ISO-8859-1%27%5D,%0D%0A%5B%27MessageBar%2Ehtml%27,4,%0D%0A%27%27,%0D%0A%27%27,%0D%0A1,%5B53109,63586%5D,%27MessageBar%2Ehtml%27,%0D%0A%27UTF-16%27%5D%0D%0A%5D,%0D%0A%27salt%27%3A%27frfzhcw7G%2FNdlMuvS%2BfQLm5CkoE%3D%27,%0D%0A%27data%27%3A%5B%0D%0A%27%27,%27j3rt2rKVtePYhOdkWuHqAvG5IPgP7XWniwxQo6069G4%2FUd1VX8br2nlNrN%2FfyhxIJFGRvKeVONEaCVW6N5mXAjdjK4Zct33b5Yp26m8kPhxD4TzzWva%2B%2F3%2BMC76krWXVGGGdx2CCsZxmrl30Sn%2FaToDfKjQil6%2FRjJWeT5GCmzjirnek%2Ft0%2FPJl6fd1571mAV0g9fyaegZ1Eo0AouxnxsTs1WtzYkDuF5q%2BWH3zhHCfqjegwpVSU2m0uJ8kq2xj8FIMs%2Bsnr5Ya3yuo7aiem0xMqwkl%2Fr5j2Q7rSn8UBGO%2BzOpCaiO6cM7NbLpzTzrJ%2BI5SjwsiRhHJ8nHGz6G7lIFHnF2WsRGfYZ%2BubPnt4xioEjSYGMsauab95VpoQMAq9dvVh3So0VyGx7I6Cfl7UGAwPqSNWTciWoVYVZfQS7FowRMDPPygldJNaNfVsiBu4ZTho9mfPFKeQg0yJCIJtEzOWq6SPbBojJbDH1OUaVtOeYGedoTtJAI6yUC3ypf56IAEsCPrs1jS8CEXLZ1mOc5umusG0nud0q1OLSLIF5b5iBCnmnMcCbqMhZWCvU0F4Bo%2FeSKZmAAABPsR0vDeTMuFuSKyGmWmmImTnoOvDC9Sbuzo3JqatAse1NSJEdpSP8Qfek9WtRyk9fB9gBE0HcLX2nfEaMsx48j8NIz%2F7%2BiTcMaY0i5ypyXH7plGkABDu2WC3mQecoTQMJrIQcVSSseDP4Mp9YJbyzUIE8xYfRZIKGK6baMcGibkQQYdNcljAVeBML9t6TB9n5a%2FtWUBYa4vZUJLB2ddCLkxYle92snWtpe5ELk%2F |