Source: unknown | TCP traffic detected without corresponding DNS query: 104.46.162.224 |
Source: unknown | TCP traffic detected without corresponding DNS query: 173.222.162.32 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.206.6.29 |
Source: unknown | TCP traffic detected without corresponding DNS query: 199.232.214.172 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: global traffic | HTTP traffic detected: GET /l/1/17013047/Y/eus.p01-2019.10.02-460581/1/ab/4K6W-nzk0hr_GKydLIdUc0LK4HrUUeoMK4jMzee40WM?lnk=https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com HTTP/1.1Host: insidesales-email.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /?qrc=barbara.rentler@ros.com HTTP/1.1Host: cd14fe4e.2690c0a545a7f22e8ae6844c.workers.devConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /turnstile/v0/b/471dc2adc340/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879669880fea0acd HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: cd14fe4e.2690c0a545a7f22e8ae6844c.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: cd14fe4e.2690c0a545a7f22e8ae6844c.workers.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/677264152:1713960777:cbIXwftb7jRjxhN42jiBklFyaR8QTE9L7gvOtH3VLU8/879669880fea0acd/a7423da5d113469 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/879669880fea0acd/1713965058384/5bc5949f26cf89d93f31e31abc75d33badd9ed53032d1de910949dd3595c52bb/fXUOLayyxgzrnsg HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879669880fea0acd/1713965058385/hyoDSXK0siA_93U HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879669880fea0acd/1713965058385/hyoDSXK0siA_93U HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL29ubWljcm9zb2ZmaWNlLm9ubGluZSIsImRvbWFpbiI6Im9ubWljcm9zb2ZmaWNlLm9ubGluZSIsImtleSI6IlcwSDRRdEtRdjdiciIsInFyYyI6ImJhcmJhcmEucmVudGxlckByb3MuY29tIiwiaWF0IjoxNzEzOTY1MDgwLCJleHAiOjE3MTM5NjUyMDB9.Z5J0XZvz31FwADNqgqRu9ydJA1yGWpej1k_iQgwUY74 HTTP/1.1Host: onmicrosoffice.onlineConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /?qrc=barbara.rentler%40ros.com HTTP/1.1Host: onmicrosoffice.onlineConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=W0H4QtKQv7br; qPdM.sig=U-Oy8SNmt-6MqabUMMHPOKH0nXY |
Source: global traffic | HTTP traffic detected: GET /owa/?login_hint=barbara.rentler%40ros.com HTTP/1.1Host: onmicrosoffice.onlineConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=W0H4QtKQv7br; qPdM.sig=U-Oy8SNmt-6MqabUMMHPOKH0nXY |
Source: global traffic | HTTP traffic detected: GET /?i4pz914tl=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 HTTP/1.1Host: onmicrosoffice.onlineConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=W0H4QtKQv7br; qPdM.sig=U-Oy8SNmt-6MqabUMMHPOKH0nXY; ClientId=A794BA8C4B654B43ACDC7267ACAB95AC; OIDC=1; OpenIdConnect.nonce.v3.PKuzfwUTEvLItbobcOVAyzWnTNk46nlUCuz9anBslxY=638495618829571954.74c8ea08-5b8f-4ac5-b1e7-c212206037bf; X-OWA-RedirectHistory=ArLym14Bctf65mFk3Ag |
Source: global traffic | HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/js/BssoInterrupt_Core_ChpboAn7HyXj89A22M8mzg2.js HTTP/1.1Host: onmicrosoffice.onlineConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://onmicrosoffice.online/?i4pz914tl=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Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=W0H4QtKQv7br; qPdM.sig=U-Oy8SNmt-6MqabUMMHPOKH0nXY; ClientId=A794BA8C4B654B43ACDC7267ACAB95AC; OIDC=1; OpenIdConnect.nonce.v3.PKuzfwUTEvLItbobcOVAyzWnTNk46nlUCuz9anBslxY=638495618829571954.74c8ea08-5b8f-4ac5-b1e7-c212206037bf; X-OWA-RedirectHistory=ArLym14Bctf65mFk3Ag; esctx-yMbl01kPIpQ=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd851iqwTKcGtxOB7U7qoaXs9uh7LORIq6gTHyjKudzTC1CM19nIJXPrKFdQ4fkePJqr3gTVODApOxjtqnZftvgfLn5hLz4nBuNcv_3fTypvkZ8dFI4BL6wEcN2n5GYLOdG_8OuJ-90s0wVyqGG5Kbh8CAA; fpc=AvaH28Aio81MiaUB3bZI-Zw; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8nV2pomA_lu1HEyz2Yh2a2abAjmlN7beaCAcudLYUmBxiRPThwuqOShgJIWDsK4j9vaRXLOWMCw7UBceW2sQUClzV4gKP4eqzQ76hLVD213_uewjjAfJC4QFwms6pWnb33QpGKgdnTPaVwqiCEVHhbQY3t8AFgQwAHQK8DWN78LcgAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd |
Source: global traffic | HTTP traffic detected: GET /?i4pz914tl=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&sso_reload=true HTTP/1.1Host: onmicrosoffice.onlineConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://onmicrosoffice.online/?i4pz914tl=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 |