Source: https://login.technicfloor.co.uk/?auth=2&sso_reload=true |
Matcher: Template: microsoft matched with high similarity |
Source: Yara match |
File source: 2.5.pages.csv, type: HTML |
Source: Yara match |
File source: 3.6.pages.csv, type: HTML |
Source: Yara match |
File source: 3.8.pages.csv, type: HTML |
Source: https://login.technicfloor.co.uk/?auth=2&sso_reload=true |
Matcher: Found strong image similarity, brand: MICROSOFT |
Source: https://login.technicfloor.co.uk/?auth=2&sso_reload=true |
HTTP Parser: Iframe src: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx |
Source: https://login.technicfloor.co.uk/?auth=2 |
HTTP Parser: Number of links: 0 |
Source: https://login.technicfloor.co.uk/?auth=2&sso_reload=true |
HTTP Parser: Number of links: 1 |
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/n6kd8/0x4AAAAAAAYAT8XsNu5U2Bt5/auto/normal |
HTTP Parser: Base64 decoded: http://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/n6kd8/0x4AAAAAAAYAT8XsNu5U2Bt5/auto/normal |
Source: https://login.technicfloor.co.uk/?auth=2 |
HTTP Parser: Title: Redirecting does not match URL |
Source: https://login.technicfloor.co.uk/?auth=2&sso_reload=true |
HTTP Parser: Title: Sign in to your account does not match URL |
Source: https://login.technicfloor.co.uk/?auth=2&sso_reload=true |
HTTP Parser: <input type="password" .../> found |
Source: http://lloyds.technicfloor.co.uk/verify |
HTTP Parser: No favicon |
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/n6kd8/0x4AAAAAAAYAT8XsNu5U2Bt5/auto/normal |
HTTP Parser: No favicon |
Source: https://login.technicfloor.co.uk/?auth=2 |
HTTP Parser: No favicon |
Source: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx |
HTTP Parser: No favicon |
Source: https://login.technicfloor.co.uk/?auth=2 |
HTTP Parser: No <meta name="author".. found |
Source: https://login.technicfloor.co.uk/?auth=2&sso_reload=true |
HTTP Parser: No <meta name="author".. found |
Source: https://login.technicfloor.co.uk/?auth=2 |
HTTP Parser: No <meta name="copyright".. found |
Source: https://login.technicfloor.co.uk/?auth=2&sso_reload=true |
HTTP Parser: No <meta name="copyright".. found |
Source: unknown |
HTTPS traffic detected: 23.55.253.34:443 -> 192.168.2.16:49713 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 23.55.253.34:443 -> 192.168.2.16:49714 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49760 version: TLS 1.2 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.54.200.159 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.55.253.34 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.189.173.10 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 192.229.211.108 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: global traffic |
HTTP traffic detected: GET /verify HTTP/1.1Host: lloyds.technicfloor.co.ukConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Gndj=f5c8fb923db656e0fa5e57c194b1a6464cd359c909e75c758e6520b188596651 |
Source: global traffic |
HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: lloyds.technicfloor.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://lloyds.technicfloor.co.uk/verifyAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Gndj=f5c8fb923db656e0fa5e57c194b1a6464cd359c909e75c758e6520b188596651 |
Source: global traffic |
DNS traffic detected: DNS query: challenges.cloudflare.com |
Source: global traffic |
DNS traffic detected: DNS query: md-in-63.webhostbox.net |
Source: global traffic |
DNS traffic detected: DNS query: www.google.com |
Source: global traffic |
DNS traffic detected: DNS query: login.technicfloor.co.uk |
Source: global traffic |
DNS traffic detected: DNS query: aadcdn.msftauth.net |
Source: global traffic |
DNS traffic detected: DNS query: portal.microsoftonline.com |
Source: unknown |
HTTP traffic detected: POST /verify HTTP/1.1Host: lloyds.technicfloor.co.ukConnection: keep-aliveContent-Length: 596Cache-Control: max-age=0Upgrade-Insecure-Requests: 1Origin: http://lloyds.technicfloor.co.ukContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Referer: http://lloyds.technicfloor.co.uk/verifyAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Gndj=f5c8fb923db656e0fa5e57c194b1a6464cd359c909e75c758e6520b188596651 |