Report - app.salesforceiq.com/r?t=AFwhZf065tBQQJtb1QfwP5t--0vgBJ0h_ebIEq5KFXSXqUZai5J8FQSwWrq93GQOlAns9KDGvW4ICfvxj8Z5CJD1Q9Wt5o0NW5c0cKHizUAbubpaOgmKjcVLdh1YXO2nIltTeoePggUL&target=631f420eed13ca3bcf77c324&url=https://forestlakeselfstorage.com.au/.real/po/2qUDIJLDjy5yfHN8UYjWtyn0Nnt/a2FzZXkuZnVsbGVyQHNsdXJwbWFpbC5uZXQ=

Report Overview

Visited public
2025-02-02 03:13:03
Tags
microsoft phishing
URL
app.salesforceiq.com/r?t=AFwhZf065tBQQJtb1QfwP5t--0vgBJ0h_ebIEq5KFXSXqUZai5J8FQSwWrq93GQOlAns9KDGvW4ICfvxj8Z5CJD1Q9Wt5o0NW5c0cKHizUAbubpaOgmKjcVLdh1YXO2nIltTeoePggUL&target=631f420eed13ca3bcf77c324&url=https://forestlakeselfstorage.com.au/.real/po/2qUDIJLDjy5yfHN8UYjWtyn0Nnt/a2FzZXkuZnVsbGVyQHNsdXJwbWFpbC5uZXQ=
Finishing URL
ppruthvirajdattakaleguru.filestoredocs.com/O1W79/?e=kasey.fuller@slurpmail.net
IP / ASN
52.38.40.115
#16509 AMAZON-02
Title
Sign in to your account
Phishing - Microsoft

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2025-01-29	3.7 kB	92 kB	104.18.95.41
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-01-29	535 B	7.2 kB	104.17.24.14
code.jquery.com	634	2005-12-10	2012-05-21	2025-01-29	510 B	24 kB	151.101.130.137
6612271478-1323985617.cos.ap-seoul.myqcloud.com	unknown	2013-04-24	2025-01-27	2025-01-27	477 B	554 kB	119.28.146.206
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-04-05	2025-01-29	477 B	52 kB	104.18.11.207
aadcdn.msftauth.net	1455	2018-10-25	2018-11-19	2025-01-28	532 B	2.5 kB	23.36.79.136
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2025-01-29	531 B	50 kB	104.18.11.207
ppruthvirajdattakaleguru.filestoredocs.com	unknown	2025-01-16	2025-01-27	2025-01-27	2.0 kB	44 kB	172.67.160.17
forestlakeselfstorage.com.au	unknown	unknown	2020-09-04	2023-11-21	568 B	448 B	185.199.220.87
ajax.googleapis.com	12905	2005-01-25	2012-05-22	2025-01-29	469 B	31 kB	142.250.74.170
6612271478.identityinbuilding.com	unknown	2024-11-11	2025-01-27	2025-01-27	1.2 kB	806 B	69.49.246.64
aadcdn.msauth.net	1421	2018-10-25	2018-11-19	2025-01-30	1.0 kB	19 kB	13.107.246.53
app.salesforceiq.com	40076	2014-07-14	2015-09-15	2025-01-30	778 B	386 B	54.148.211.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-02-02 03:12:44	low	Client IP	119.28.146.206	ET INFO Observed Tencent Cloud Storage Domain (myqcloud .com in TLS SNI)
2025-02-02 03:12:44	low	Client IP	119.28.146.206	ET INFO Observed Tencent Cloud Storage Domain (myqcloud .com in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (25)

	URL	From	Size	First Seen	Last Seen
	ppruthvirajdattakaleguru.filestoredocs.com/O1W79/?e=kasey.fuller@slurpmail.net	ScriptElement	53 kB	2025-01-27	2025-02-03
Pretty URL ppruthvirajdattakaleguru.filestoredocs.com/O1W79/?e=kasey.fuller@slurpmail.net IP 172.67.160.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-27 16:38 Last Seen2025-02-03 18:01 Times Seen179 Hash 861fc2a3ea1c27e9f50b249fd8af32ea 8be49cf7250c8c9b22b25283b570106ea667b6cc b82a211663eb4a086d5e84336969ec5bb65b1c01435e3fdb22f143d90d1da291 Loading...

	unknown	ScriptElement	2.7 kB	2025-01-27	2025-02-03
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-27 16:38 Last Seen2025-02-03 18:01 Times Seen179 Hash 543c00bf3a31e68a5b95d8519216ebee eb37735a0434ccee3e3c1eb2e94f94621758e1a5 5b5112579e24e00247572655d86cd0f02419a01832ad3b78617d9dcd878a7779 Loading...

	6612271478-1323985617.cos.ap-seoul.myqcloud.com/bootstrap.min.js	ScriptElement	553 kB	2025-01-27	2025-02-03
Pretty URL 6612271478-1323985617.cos.ap-seoul.myqcloud.com/bootstrap.min.js IP 119.28.146.206 ASN #132203 Tencent Building, Kejizhongyi Avenue Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-27 16:38 Last Seen2025-02-03 18:01 Times Seen179 Hash 7e6efe4e695d27bc64f6455d76c5ad25 c6458211608458b2b6b4286e55eb5e5ce9e4f2ec 84eb9582215f3519ee18beba6e0e51d5ca0fd2e36c1c8bd17c24ef2c4d412b4e Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	ScriptElement	49 kB	2023-03-07	2025-05-17
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-17 04:24 Times Seen75315 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	ScriptElement	19 kB	2023-03-07	2025-05-17
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-17 04:24 Times Seen72976 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	code.jquery.com/jquery-3.2.1.slim.min.js	ScriptElement	70 kB	2023-03-07	2025-05-17
Pretty URL code.jquery.com/jquery-3.2.1.slim.min.js IP 151.101.130.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-17 04:24 Times Seen57525 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	ScriptElement	86 kB	2023-03-07	2025-05-17
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-17 04:24 Times Seen175086 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	ScriptElement	51 kB	2023-03-07	2025-05-17
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-17 04:24 Times Seen99335 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07 01:03	2025-05-17 04:30
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-05-17 04:30 Times Seen370100 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#2 Eval - bb2e0ac0bab08d0477d6be3c521e936e	28 B	2025-02-02 03:13	2025-02-02 03:13
Pretty Observations First Seen2025-02-02 03:13 Last Seen2025-02-02 03:13 Times Seen1 Hash bb2e0ac0bab08d0477d6be3c521e936e 0d0c381e30c06b267365d28e082ea521dcb05720 a93aa96f444e858d030f2bf81ded19a4f772aa0e3a1d5e4be1f220d724301933 Loading...

	#3 Eval - 3770002da6bc1e7a01745cdd6bc74be4	28 B	2025-02-02 03:13	2025-02-02 03:13
Pretty Observations First Seen2025-02-02 03:13 Last Seen2025-02-02 03:13 Times Seen1 Hash 3770002da6bc1e7a01745cdd6bc74be4 bb8b7d1c59772f877426c0462b44f05c2e1f4b8e b69825377e3e7fa10f4094a926d299ff6ed91e1a159a58d4b55bf7aeee28ba15 Loading...

	#4 Eval - cf63b2e9fc32684858bfe2ba2bfc5ba6	28 B	2025-02-02 03:13	2025-02-02 03:13
Pretty Observations First Seen2025-02-02 03:13 Last Seen2025-02-02 03:13 Times Seen1 Hash cf63b2e9fc32684858bfe2ba2bfc5ba6 7795f039de324ef05fd4a8a25eb5a84905160f11 4a9281b768db55a270182b048a4c30ba59c3047d98a8bb33e3409c8991c501c4 Loading...

	#5 Eval - afb3967ece8c4f5e1fae57f8292e8610	28 B	2025-02-02 03:13	2025-02-02 03:13
Pretty Observations First Seen2025-02-02 03:13 Last Seen2025-02-02 03:13 Times Seen1 Hash afb3967ece8c4f5e1fae57f8292e8610 c4ba1d89e1f8121f0383d18374f63d057edb2de7 702f046d5f1e196d6d452b85302aec27797bd20fc148ba3fcb2a5f55eefa44b4 Loading...

	#6 Eval - b0359e915476bb8fef10b3d092bd8870	61 B	2025-01-30 16:12	2025-02-04 20:02
Pretty Observations First Seen2025-01-30 16:12 Last Seen2025-02-04 20:02 Times Seen651 Hash b0359e915476bb8fef10b3d092bd8870 e7dbb333b8f6a305afaaeb0f0239db88e9e42ffc 8ea02ebf76750bc5af6be69e89b4508a91c331b4538161c77379ac296086a282 Loading...

	#7 Eval - 4a675a0e4cbc36b8ca139093ebcb12ff	2.8 kB	2025-02-02 03:13	2025-02-02 03:13
Pretty Observations First Seen2025-02-02 03:13 Last Seen2025-02-02 03:13 Times Seen1 Hash 4a675a0e4cbc36b8ca139093ebcb12ff 27ce0178b1b39f0390ae74b94dda75318dc961a3 79ec192ba67bc1e2fd9a5b41936547f0864269466f6c21b2c72bb6937bf41ef5 Loading...

	#8 Eval - 28108b5d0ee2732bbc58d4f6dbd8ae0c	28 B	2025-02-02 03:13	2025-02-02 03:13
Pretty Observations First Seen2025-02-02 03:13 Last Seen2025-02-02 03:13 Times Seen1 Hash 28108b5d0ee2732bbc58d4f6dbd8ae0c 3d5ef3c37969629bb13d56017e15fb9e26cafd3d b4dcb680b4b3e03bf13b787245acd29ea193d0ef1b94444eb0039a51fcda2e12 Loading...

	#9 Eval - 6fa7995472d31ebab966bf3670427946	28 B	2025-02-02 03:13	2025-02-02 03:13
Pretty Observations First Seen2025-02-02 03:13 Last Seen2025-02-02 03:13 Times Seen1 Hash 6fa7995472d31ebab966bf3670427946 07f97834548fbb78ba6fe686458e43001636367b 779975df444870a5ea95d62ad5c8acc7b6257ead2463fbf230ab6d61cc4c79c5 Loading...

	#10 Eval - 8cdd9e1f0faa5bde411f6dd03bfc3172	28 B	2025-02-02 03:13	2025-02-02 03:13
Pretty Observations First Seen2025-02-02 03:13 Last Seen2025-02-02 03:13 Times Seen1 Hash 8cdd9e1f0faa5bde411f6dd03bfc3172 97649cc406c93de373d4fe793b465498a42a4e8b ee64b02433096bed15bdbb15c950370a178aebcc99efdc3d8ded477927b8512b Loading...

	#11 Eval - 9d6bbc3113704bdd9611d31a6729b06b	28 B	2025-02-02 03:13	2025-02-02 03:13
Pretty Observations First Seen2025-02-02 03:13 Last Seen2025-02-02 03:13 Times Seen1 Hash 9d6bbc3113704bdd9611d31a6729b06b 13e098ae79802f02299747e942b9c07ba9c53871 7d800a941c579f4c3c05c4d30dd5214ff242400fd530d5f54295a26027313a52 Loading...

	#12 Eval - 143be8428140b1da06707f0e7b2bde75	28 B	2025-02-02 03:13	2025-02-02 03:13
Pretty Observations First Seen2025-02-02 03:13 Last Seen2025-02-02 03:13 Times Seen1 Hash 143be8428140b1da06707f0e7b2bde75 bcab2f11d731555ce6b873667e6b69da575761fa 41d3d2c4e54ca3082c9e1d182d46d6cfd50fd9bfe5c89dccfe0820c37c58ad6c Loading...

	#13 Eval - 9a7fe9808db30791004c708a96cd9e82	28 B	2025-02-02 03:13	2025-02-02 03:13
Pretty Observations First Seen2025-02-02 03:13 Last Seen2025-02-02 03:13 Times Seen1 Hash 9a7fe9808db30791004c708a96cd9e82 10d639bcd0f39f83cf7d2e05f61590cda309b75a 46b24a330080231ea42edd8a40b21ccc2582b3c94721458aee6e1aae6de68724 Loading...

	#14 Eval - 689a22e2abf2ea939edbeaed80e22efb	28 B	2025-02-02 03:13	2025-02-02 03:13
Pretty Observations First Seen2025-02-02 03:13 Last Seen2025-02-02 03:13 Times Seen1 Hash 689a22e2abf2ea939edbeaed80e22efb af98d236116700c9cdfb8f247ad43e6ca3428545 2a502e043ae6d747af49a537b2290b8a7d726fced4839d7329b8f470a4646aae Loading...

	#15 Eval - 2b9e3749afdac56e2fc3f764c3e4f4af	28 B	2025-02-02 03:13	2025-02-02 03:13
Pretty Observations First Seen2025-02-02 03:13 Last Seen2025-02-02 03:13 Times Seen1 Hash 2b9e3749afdac56e2fc3f764c3e4f4af 5595ca4d1efe8d7713155603111c3ef67328bfb0 bed23f9db58a143455ed8f2b0ad7e64228e838f07aa8dfa4ff4c6025e153a2bd Loading...

	#16 Eval - 7cc4dbd5895493ba1e1247aa7d5bb08b	28 B	2025-02-02 03:13	2025-02-02 03:13
Pretty Observations First Seen2025-02-02 03:13 Last Seen2025-02-02 03:13 Times Seen1 Hash 7cc4dbd5895493ba1e1247aa7d5bb08b 673bc89f4af66bb5cbbbd40b6460eb615923a8aa 79a9177dc406a50c4039e4efbeae9054d82fae92b436602dae748f8b40868b47 Loading...

		Size	First Seen	Last Seen
	#1 Write - 1b197337a65cce18b25192aa3e1ef6e7	11 kB	2025-01-27 16:38	2025-02-03 18:01
Pretty Observations First Seen2025-01-27 16:38 Last Seen2025-02-03 18:01 Times Seen179 Hash 1b197337a65cce18b25192aa3e1ef6e7 affebf52db822d22b2b1772a514beaec05e9b9a6 c914edb6d07f0ba57323e88d1ba32230a0311996e4bc876ffcb030161346b0ff Loading...

HTTP Transactions (21)

URL IP Response Size

app.salesforceiq.com/r?t=AFwhZf065tBQQJtb1QfwP5t--0vgBJ0h_ebIEq5KFXSXqUZai5J8FQSwWrq93GQOlAns9KDGvW4ICfvxj8Z5CJD1Q9Wt5o0NW5c0cKHizUAbubpaOgmKjcVLdh1YXO2nIltTeoePggUL&target=631f420eed13ca3bcf77c324&url=https://forestlakeselfstorage.com.au/.real/po/2qUDIJLDjy5yfHN8UYjWtyn0Nnt/a2FzZXkuZnVsbGVyQHNsdXJwbWFpbC5uZXQ=

54.148.211.227

307 Temporary Redirect

0 B

URL
app.salesforceiq.com/r?t=AFwhZf065tBQQJtb1QfwP5t--0vgBJ0h_ebIEq5KFXSXqUZai5J8FQSwWrq93GQOlAns9KDGvW4ICfvxj8Z5CJD1Q9Wt5o0NW5c0cKHizUAbubpaOgmKjcVLdh1YXO2nIltTeoePggUL&target=631f420eed13ca3bcf77c324&url=https://forestlakeselfstorage.com.au/.real/po/2qUDIJLDjy5yfHN8UYjWtyn0Nnt/a2FzZXkuZnVsbGVyQHNsdXJwbWFpbC5uZXQ=
IP
54.148.211.227:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /r?t=AFwhZf065tBQQJtb1QfwP5t--0vgBJ0h_ebIEq5KFXSXqUZai5J8FQSwWrq93GQOlAns9KDGvW4ICfvxj8Z5CJD1Q9Wt5o0NW5c0cKHizUAbubpaOgmKjcVLdh1YXO2nIltTeoePggUL&target=631f420eed13ca3bcf77c324&url=https://forestlakeselfstorage.com.au/.real/po/2qUDIJLDjy5yfHN8UYjWtyn0Nnt/a2FzZXkuZnVsbGVyQHNsdXJwbWFpbC5uZXQ= HTTP/1.1
Host: app.salesforceiq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
date: Sun, 02 Feb 2025 03:12:33 GMT
content-length: 0
location: https://forestlakeselfstorage.com.au/.real/po/2qUDIJLDjy5yfHN8UYjWtyn0Nnt/a2FzZXkuZnVsbGVyQHNsdXJwbWFpbC5uZXQ=
x-build-time: {{BUILD_TIME}}
txnid: 126c4iidzeys2va070g5ormt7
access-control-expose-headers: txnid
timing-allow-origin: *
server: Jetty(9.3.z-SNAPSHOT)
X-Firefox-Spdy: h2

forestlakeselfstorage.com.au/.real/po/2qUDIJLDjy5yfHN8UYjWtyn0Nnt/a2FzZXkuZnVsbGVyQHNsdXJwbWFpbC5uZXQ=

185.199.220.87

200 OK

0 B

URL
forestlakeselfstorage.com.au/.real/po/2qUDIJLDjy5yfHN8UYjWtyn0Nnt/a2FzZXkuZnVsbGVyQHNsdXJwbWFpbC5uZXQ=
IP
185.199.220.87:0
ASN
#12488 Krystal Hosting Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /.real/po/2qUDIJLDjy5yfHN8UYjWtyn0Nnt/a2FzZXkuZnVsbGVyQHNsdXJwbWFpbC5uZXQ= HTTP/1.1
Host: forestlakeselfstorage.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
refresh: 0;url=https://ppruthvirajdattaKaleGuru.filestoredocs.com/O1W79?e=kasey.fuller@slurpmail.net
content-type: text/html; charset=UTF-8
content-length: 0
date: Sun, 02 Feb 2025 03:12:33 GMT
server: LiteSpeed
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

ppruthvirajdattakaleguru.filestoredocs.com/O1W79?e=kasey.fuller@slurpmail.net

172.67.160.17

301 Moved Permanently

1.3 kB

URL
ppruthvirajdattakaleguru.filestoredocs.com/O1W79?e=kasey.fuller@slurpmail.net
IP
172.67.160.17:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.3 kB (1306 bytes)
Hash
e6c5e41af6cd62ba154ba48bd07f8249
3647b19653ad49ed54886c8e47f2ebb27afefdcb
67ebe6300a1bdb035045f203fc91fcdbac2c5b009a078f82170d330bb6e67919

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /O1W79?e=kasey.fuller@slurpmail.net HTTP/1.1
Host: ppruthvirajdattakaleguru.filestoredocs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sun, 02 Feb 2025 03:12:34 GMT
content-type: text/html; charset=iso-8859-1
location: http://ppruthvirajdattakaleguru.filestoredocs.com/O1W79/?e=kasey.fuller@slurpmail.net
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gcqZENeRjQjTbDApE2p84JGH4IIfXmuwPxYNGzciW2XvIGaxz71zMy%2Fkt9WPA6UDb0%2BficwdFUXhEVQBqnXXb99l8AWOMwTaW4BTZjq3LXxr771fSqLTsmC8HhgKV0KzV%2FFe38bEaywHNuAkfFNJVv43BMw%2ByOU9r0gYJHg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b70014a91cb4f1-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5527&min_rtt=504&rtt_var=10091&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3216&recv_bytes=1170&delivery_rate=7927007&cwnd=254&unsent_bytes=0&cid=1b23fff18d9b6773&ts=58&x=0"
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/x5kfv/0x4AAAAAAA5e23v55LAv0QnZ/auto/fbE/new/normal/auto/

104.18.95.41

200 OK

6.9 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/x5kfv/0x4AAAAAAA5e23v55LAv0QnZ/auto/fbE/new/normal/auto/
IP
104.18.95.41:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (22073)
Size
6.9 kB (6899 bytes)
Hash
8fbc4ad39ec872f3006bd963544e0596
f751acbb721a6bf951c1b0b38d589970f6fe7894
97a1584da34e99483edfdd7813578cc4bc19b33795367792affba20092d0cbcc

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/x5kfv/0x4AAAAAAA5e23v55LAv0QnZ/auto/fbE/new/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ppruthvirajdattakaleguru.filestoredocs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 02 Feb 2025 03:12:34 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
document-policy: js-profiling
priority: u=4,i=?0
server: cloudflare
cf-ray: 90b70017596f56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=90b70017596f56a5&lang=auto

104.18.95.41

200 OK

51 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=90b70017596f56a5&lang=auto
IP
104.18.95.41:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
51 kB (51330 bytes)
Hash
4fb452efdf275fe289e050a482350dc7
c4a90191dae7bb8ba3f4f9616d5689e5a4b4975a
d933aaebf0a47056f0f33269862ad1aad4e077a47d3f4191c95ab79622d45516

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=90b70017596f56a5&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/x5kfv/0x4AAAAAAA5e23v55LAv0QnZ/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 02 Feb 2025 03:12:34 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
priority: u=2,i=?0
server: cloudflare
cf-ray: 90b7001809d556a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/90b70017596f56a5/1738465954887/1AQw_XBzZX01Yod

104.18.95.41

200 OK

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/90b70017596f56a5/1738465954887/1AQw_XBzZX01Yod
IP
104.18.95.41:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 73 x 32, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
316dbd29762d57cb4df3d156d96a1d55
9d00f85f217983f539c79a58cd59d16204e6af2f
cbd1ed19126156e53412d316f5e7f60082d774499498f66ed5ee5d27dbf4a7c0

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/d/90b70017596f56a5/1738465954887/1AQw_XBzZX01Yod HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/x5kfv/0x4AAAAAAA5e23v55LAv0QnZ/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 02 Feb 2025 03:12:37 GMT
content-type: image/png
content-length: 61
priority: u=4,i=?0
server: cloudflare
cf-ray: 90b7002b8cbf56a5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/90b70017596f56a5/1738465954887/a90d34fd201452bef472b8a47e80411f2220cd5f0b876e8530dd4ceb850401d3/CdORWhiT941XLp9

104.18.95.41

401 Unauthorized

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/90b70017596f56a5/1738465954887/a90d34fd201452bef472b8a47e80411f2220cd5f0b876e8530dd4ceb850401d3/CdORWhiT941XLp9
IP
104.18.95.41:0
ASN
#13335 CLOUDFLARENET

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/pat/90b70017596f56a5/1738465954887/a90d34fd201452bef472b8a47e80411f2220cd5f0b876e8530dd4ceb850401d3/CdORWhiT941XLp9 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/x5kfv/0x4AAAAAAA5e23v55LAv0QnZ/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Sun, 02 Feb 2025 03:12:37 GMT
content-type: text/plain; charset=utf-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gqQ00_SAUUr70crikfoBBHyIgzV8Lh26FMN1M64UEAdMAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAscjm_UO_k901rNdCKgLw5bvI4i6M_jDNCIXpfs2LRbtxwLOrUyplqVvML_hVlB5tIDMuj0ihhaOFHose-Y0_UjQnNUGE_vol46VvGgscTMtTjU4xINriap8AMTIygvljEBt6my-nBwkUGhY3U9v5iKC-eWR5bTfvrqFsuIVxafkSfhHqDXB4KLGNjvOOV71GGJ9x4yxA-C2OcULZ1uDDKuvAaMhuiWdF6OzSTXruP9yPg1vmuteavOW1re0YDbCbtK16PhHdSzWym7v_FrvId-2zf26j50FlTd_vl_DcKNDVCgWDoU0uX3cU6V3rSQoVXREEqPr-2ywSGru8ZuXRoQIDAQAB", max-age=20, PrivateToken challenge="AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIKkNNP0gFFK-9HK4pH6AQR8iIM1fC4duhTDdTOuFBAHTABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsLS4HBnLGydwK-bLQGRCaoyMsrXBRrDgQVmxS06j3UF0nYSd6GdTGCKIu1WV60eg-tJtTttfEVq7wHVQf4vzjYBidmCh88ebzxKv2GB6PESSodf5MsEup9xd5dxpkYScgL1CCJq89kRrOQ_CS61bvkL_oGyZf4ffqG5THgaOsopqj8dFLH6_SMy9yf8EgMYqpyjxfKsD-1_qb1m1DRjJEKPWKIGwmHXIKQJUqsxZFm4_Inwkxx7QMpVP4GyqlTxFVz7stWwJRSkMLHjEM_IWLUYfPhuwIUVqmRjGsY1n8flA1bRfxaWHNDxoi25-M2BKTP9NkNNJBbTKErhrZ9LGywIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIKkNNP0gFFK-9HK4pH6AQR8iIM1fC4duhTDdTOuFBAHTABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAhyjrDP7zQ5ZzlMLlYQtQX3vhc-vT9nQ7vrqtgRKParT8Oth2rSDPTnsgZg0iIcHgtncvEYs0_AFSmWkTKaRR8Iz7b_fzAUi-ich_EvH2TqI1NNthkX9p1zMPjtsHF8NVHXodhKq5aA9XbyvYPzVrAAUN9o0pMmtujcCqS8YOBRudNJO0XwRK_wNP1hwo6DhxBLbEyRHXijqqhJ9tbnLXbevGkAZfTjcQMUyxlWFkqXxUtXoQl0eZGisKDTzujFuVC78iaFPaBtRicxYv7qyQYt2OPyy3ktlVVzlRWHIpb8TBpBGh2nwqDW0pwcsemsrEuZZ6gFpGH7Sg8fFX28x3bwIDAQAB", max-age=20
priority: u=4,i=?0
server: cloudflare
cf-ray: 90b7002bdcea56a5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1479922185:1738462237:ccHiTFj5korlMdiwswNkg4Ng3dTqbyZIFttK_D4iFdk/90b70017596f56a5/CglMCAeQtQWUTU_RIV5fuhtIzPDjTUHJIjC.wZXvl9s-1738465954-1.1.1.1-6JI.XwbxaoSSkNcOYjzk1KOcixvlwH4I3OYwiYpapceSo8YUgiyqB4qcD07FpeTG

104.18.95.41

200 OK

29 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1479922185:1738462237:ccHiTFj5korlMdiwswNkg4Ng3dTqbyZIFttK_D4iFdk/90b70017596f56a5/CglMCAeQtQWUTU_RIV5fuhtIzPDjTUHJIjC.wZXvl9s-1738465954-1.1.1.1-6JI.XwbxaoSSkNcOYjzk1KOcixvlwH4I3OYwiYpapceSo8YUgiyqB4qcD07FpeTG
IP
104.18.95.41:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (27932), with no line terminators
Size
29 kB (28812 bytes)
Hash
c7699d3acb617dca40a3a5edf1a35ff8
00bf4b30aca47744d9a71a36aa4b4db358f5155f
5f6691499f126b07a7ee92daa2deb7d47e086cdec34eecbac0ee73b9886baee8

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1479922185:1738462237:ccHiTFj5korlMdiwswNkg4Ng3dTqbyZIFttK_D4iFdk/90b70017596f56a5/CglMCAeQtQWUTU_RIV5fuhtIzPDjTUHJIjC.wZXvl9s-1738465954-1.1.1.1-6JI.XwbxaoSSkNcOYjzk1KOcixvlwH4I3OYwiYpapceSo8YUgiyqB4qcD07FpeTG HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/x5kfv/0x4AAAAAAA5e23v55LAv0QnZ/auto/fbE/new/normal/auto/
cf-chl: CglMCAeQtQWUTU_RIV5fuhtIzPDjTUHJIjC.wZXvl9s-1738465954-1.1.1.1-6JI.XwbxaoSSkNcOYjzk1KOcixvlwH4I3OYwiYpapceSo8YUgiyqB4qcD07FpeTG
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 30557
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 02 Feb 2025 03:12:38 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: b/C2Z2trcp5OerfB22S1DI1sRqneywkHnVqbQSO8d4lBCgs5Ev1Vb5pdgKHUHYAi$YpU4a4FGktgI9WgBpYBucQ==
priority: u=3,i=?0
server: cloudflare
cf-ray: 90b7002dce7856a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

104.17.24.14

200 OK

6.2 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ppruthvirajdattakaleguru.filestoredocs.com/O1W79/?e=kasey.fuller@slurpmail.net
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32
ValidityFri, 24 Jan 2025 09:16:22 GMT - Thu, 24 Apr 2025 10:16:21 GMT

File type
JavaScript source, ASCII text, with very long lines (19015)
Size
6.2 kB (6157 bytes)
Hash
70d3fda195602fe8b75e0097eed74dde
c3b977aa4b8dfb69d651e07015031d385ded964b
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

HTTP Headers

GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ppruthvirajdattakaleguru.filestoredocs.com
DNT: 1
Connection: keep-alive
Referer: https://ppruthvirajdattakaleguru.filestoredocs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 02 Feb 2025 03:12:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1387885
expires: Fri, 23 Jan 2026 03:12:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fDrc%2FuVAs5n%2FYvY8uhqxwPUu83zrlT%2BkreM3Uk%2BgoFSWVzBzAzxSVb6dvmMDFEPmzaTXD2bbHm2NmANzWAyM9HHq%2F7ZjsoJrEPOuTQt8vIZAB21uyDs4dT2Xq1yZGhmRXBuTwYBw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 90b700509d6bb4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.2.1.slim.min.js

151.101.130.137

200 OK

24 kB

URL GET HTTP/2
code.jquery.com/jquery-3.2.1.slim.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://ppruthvirajdattakaleguru.filestoredocs.com/O1W79/?e=kasey.fuller@slurpmail.net
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32012)
Size
24 kB (23856 bytes)
Hash
5f48fc77cac90c4778fa24ec9c57f37d
9e89d1515bc4c371b86f4cb1002fd8e377c1829f
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

HTTP Headers

GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ppruthvirajdattakaleguru.filestoredocs.com
DNT: 1
Connection: keep-alive
Referer: https://ppruthvirajdattakaleguru.filestoredocs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-10fdd"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 02 Feb 2025 03:12:43 GMT
age: 6449330
x-served-by: cache-lga21963-LGA, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 38, 146508
x-timer: S1738465964.642076,VS0,VE0
vary: Accept-Encoding
content-length: 23856
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

142.250.74.170

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://ppruthvirajdattakaleguru.filestoredocs.com/O1W79/?e=kasey.fuller@slurpmail.net
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint91:3E:F9:90:4B:40:4C:8E:D9:11:EA:64:14:86:3D:AD:DB:41:93:5C
ValidityMon, 20 Jan 2025 08:37:08 GMT - Mon, 14 Apr 2025 08:37:07 GMT

File type
JavaScript source, ASCII text, with very long lines (32065)
Size
30 kB (30028 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ppruthvirajdattakaleguru.filestoredocs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Jan 2025 10:23:27 GMT
expires: Fri, 30 Jan 2026 10:23:27 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 233356
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

6612271478-1323985617.cos.ap-seoul.myqcloud.com/bootstrap.min.js

119.28.146.206

200 OK

553 kB

URL GET HTTP/1.1
6612271478-1323985617.cos.ap-seoul.myqcloud.com/bootstrap.min.js
IP
119.28.146.206:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://ppruthvirajdattakaleguru.filestoredocs.com/O1W79/?e=kasey.fuller@slurpmail.net
Certificate
IssuerGlobalSign nv-sa
Subject*.cos.ap-seoul.myqcloud.com
Fingerprint93:E8:D6:F0:1F:B1:84:80:2E:25:F7:68:DA:97:5E:47:6C:93:B1:0F
ValidityMon, 26 Feb 2024 07:36:10 GMT - Sat, 29 Mar 2025 07:36:09 GMT

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
553 kB (553320 bytes)
Hash
7e6efe4e695d27bc64f6455d76c5ad25
c6458211608458b2b6b4286e55eb5e5ce9e4f2ec
84eb9582215f3519ee18beba6e0e51d5ca0fd2e36c1c8bd17c24ef2c4d412b4e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /bootstrap.min.js HTTP/1.1
Host: 6612271478-1323985617.cos.ap-seoul.myqcloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ppruthvirajdattakaleguru.filestoredocs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 553320
Connection: keep-alive
Accept-Ranges: bytes
Content-Disposition: attachment
Date: Sun, 02 Feb 2025 03:12:45 GMT
ETag: "7e6efe4e695d27bc64f6455d76c5ad25"
Last-Modified: Thu, 16 Jan 2025 14:31:52 GMT
Server: tencent-cos
x-cos-force-download: true
x-cos-hash-crc64ecma: 4977177994734712791
x-cos-request-id: Njc5ZWUyYWRfNjRlMmExZF8yMmM4Zl9iYjY2OWFi

ppruthvirajdattakaleguru.filestoredocs.com/O1W79/?e=kasey.fuller@slurpmail.net

172.67.160.17

200 OK

39 kB

URL User Request POST HTTP/3
ppruthvirajdattakaleguru.filestoredocs.com/O1W79/?e=kasey.fuller@slurpmail.net
IP
172.67.160.17:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectfilestoredocs.com
FingerprintE1:DE:87:5D:53:23:6E:43:CA:90:83:4E:37:AD:27:B8:F2:03:E2:3A
ValidityThu, 16 Jan 2025 12:54:15 GMT - Wed, 16 Apr 2025 12:42:34 GMT

File type
HTML document, ASCII text, with very long lines (51636)
Size
39 kB (39354 bytes)
Hash
a27682cad786cf1483a7f0e5383dd8e7
744119996afc124572adb8202eebc4b6ba013105
5ba4972626d90cf4e9a685a171ec83ec8b65c8bdf3635ca7accbe13bf69db75b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

POST /O1W79/?e=kasey.fuller@slurpmail.net HTTP/1.1
Host: ppruthvirajdattakaleguru.filestoredocs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 966
Origin: https://ppruthvirajdattakaleguru.filestoredocs.com
DNT: 1
Connection: keep-alive
Referer: https://ppruthvirajdattakaleguru.filestoredocs.com/O1W79/?e=kasey.fuller@slurpmail.net
Cookie: PHPSESSID=rve23bmg9mg82ktfft6ggpgnvl
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 02 Feb 2025 03:12:43 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.30
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
priority: u=1,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SbGxA5lt%2FVhz3gk09DSGVkkTe1zeUbeuzP%2BZBdA6JzIDzoZeLBDPPdmFetuOpAFibIFcloqrj11zuSoIqTwV1230byeEkHTTd%2FiKOXEfyG34tkuZgc3ekWOGXr8OFFvtpkQRR3WsI32mv7nMudXQZ5V4cNDSDoXjbxvixiM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b7004eaaf1b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7504&min_rtt=5358&rtt_var=5795&sent=15&recv=11&lost=0&retrans=0&sent_bytes=5070&recv_bytes=2859&delivery_rate=2418&cwnd=12000&unsent_bytes=0&cid=051fdea306cc9527&ts=9321&x=1", cfExtPri, cfHdrFlush;dur=0

6612271478.identityinbuilding.com/next.php

69.49.246.64

200 OK

16 B

URL POST HTTP/1.1
6612271478.identityinbuilding.com/next.php
IP
69.49.246.64:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://ppruthvirajdattakaleguru.filestoredocs.com/O1W79/?e=kasey.fuller@slurpmail.net
Certificate
IssuerLet's Encrypt
Subject6612271478.identityinbuilding.com
Fingerprint96:99:9E:D5:ED:5B:E9:13:15:E6:4A:D8:4C:A7:6F:E7:51:6E:E7:76
ValidityThu, 16 Jan 2025 13:33:36 GMT - Wed, 16 Apr 2025 13:33:35 GMT

File type
JSON text data
Size
16 B (16 bytes)
Hash
1f57cbd1f1a1ced8f62d34242408414c
52279c54b16f0a88d43d57b4cbb9813ea3cc39ab
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

POST /next.php HTTP/1.1
Host: 6612271478.identityinbuilding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ppruthvirajdattakaleguru.filestoredocs.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 13
Origin: https://ppruthvirajdattakaleguru.filestoredocs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 02 Feb 2025 03:12:46 GMT
Server: Apache
Access-Control-Allow-Origin: https://ppruthvirajdattakaleguru.filestoredocs.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ppruthvirajdattakaleguru.filestoredocs.com/favicon.ico

172.67.160.17

404 Not Found

830 B

URL GET HTTP/3
ppruthvirajdattakaleguru.filestoredocs.com/favicon.ico
IP
172.67.160.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ppruthvirajdattakaleguru.filestoredocs.com/O1W79/?e=kasey.fuller@slurpmail.net
Certificate
IssuerGoogle Trust Services
Subjectfilestoredocs.com
FingerprintE1:DE:87:5D:53:23:6E:43:CA:90:83:4E:37:AD:27:B8:F2:03:E2:3A
ValidityThu, 16 Jan 2025 12:54:15 GMT - Wed, 16 Apr 2025 12:42:34 GMT

File type
HTML document, ASCII text
Size
830 B (830 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ppruthvirajdattakaleguru.filestoredocs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ppruthvirajdattakaleguru.filestoredocs.com/O1W79/?e=kasey.fuller@slurpmail.net
Cookie: PHPSESSID=rve23bmg9mg82ktfft6ggpgnvl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sun, 02 Feb 2025 03:12:45 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 11
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aXhHTYii%2BHsjRiEEi5qGJHgo5flzSVysai8g7Gq8mLqXKKooWG7I6eMM3DuQZVIxGJoGj4wnHRypcLqhm5PK6uOZ8%2FnaKtDE%2Bs%2BEbln78SZRt7vor8N2tpbM9RnuA2LYhitNzr%2FLrmTDbDSrJU0wUKYui76oHuBf7%2F8be%2B4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90b70059becbb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6175&min_rtt=2041&rtt_var=3696&sent=45&recv=16&lost=0&retrans=0&sent_bytes=35377&recv_bytes=3406&delivery_rate=1355522&cwnd=24000&unsent_bytes=0&cid=051fdea306cc9527&ts=11017&x=1", cfExtPri, cfHdrFlush;dur=0

aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg

13.107.246.53

200 OK

621 B

URL GET HTTP/2
aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
IP
13.107.246.53:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://ppruthvirajdattakaleguru.filestoredocs.com/O1W79/?e=kasey.fuller@slurpmail.net
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint38:05:DB:30:B5:83:1A:A0:A9:AD:24:B2:62:0F:E7:F6:60:9B:7C:00
ValidityTue, 29 Oct 2024 00:00:00 GMT - Wed, 29 Oct 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
621 B (621 bytes)
Hash
4e48046ce74f4b89d45037c90576bfac
4a41b3b51ed787f7b33294202da72220c7cd2c32
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

HTTP Headers

GET /shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ppruthvirajdattakaleguru.filestoredocs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 02 Feb 2025 03:12:53 GMT
content-type: image/svg+xml
content-length: 621
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Tue, 10 Nov 2020 03:41:24 GMT
etag: 0x8D8852A7FA6B761
x-ms-request-id: 8730ee87-a01e-0045-6623-6d610a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20250202T031253Z-169694967cfjc8b8hC1SVGmq340000000ub000000000267x
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico

13.107.246.53

200 OK

17 kB

URL GET HTTP/2
aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
IP
13.107.246.53:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://ppruthvirajdattakaleguru.filestoredocs.com/O1W79/?e=kasey.fuller@slurpmail.net
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint38:05:DB:30:B5:83:1A:A0:A9:AD:24:B2:62:0F:E7:F6:60:9B:7C:00
ValidityTue, 29 Oct 2024 00:00:00 GMT - Wed, 29 Oct 2025 23:59:59 GMT

File type
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
Size
17 kB (17174 bytes)
Hash
12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

HTTP Headers

GET /ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ppruthvirajdattakaleguru.filestoredocs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 02 Feb 2025 03:12:53 GMT
content-type: image/x-icon
content-length: 17174
cache-control: public, max-age=604800
last-modified: Fri, 02 Nov 2018 20:25:25 GMT
etag: 0x8D6410152A9D7E1
x-ms-request-id: 76baf22c-a01e-004e-08f0-70d273000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20250202T031253Z-169694967cfjc8b8hC1SVGmq340000000ub000000000267y
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

6612271478.identityinbuilding.com/next.php

69.49.246.64

200 OK

99 B

URL POST HTTP/1.1
6612271478.identityinbuilding.com/next.php
IP
69.49.246.64:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://ppruthvirajdattakaleguru.filestoredocs.com/O1W79/?e=kasey.fuller@slurpmail.net
Certificate
IssuerLet's Encrypt
Subject6612271478.identityinbuilding.com
Fingerprint96:99:9E:D5:ED:5B:E9:13:15:E6:4A:D8:4C:A7:6F:E7:51:6E:E7:76
ValidityThu, 16 Jan 2025 13:33:36 GMT - Wed, 16 Apr 2025 13:33:35 GMT

File type
JSON text data
Size
99 B (99 bytes)
Hash
dc3dd6a908031425cf92f166468ce315
12b8d636416fa2c8f3ab70cf9d1ccf34df1e4efb
f82db641ae659d9b4073906a36858c0e5317338606c09a6967ee72c0687551f0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

POST /next.php HTTP/1.1
Host: 6612271478.identityinbuilding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 41
Origin: https://ppruthvirajdattakaleguru.filestoredocs.com
DNT: 1
Connection: keep-alive
Referer: https://ppruthvirajdattakaleguru.filestoredocs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 02 Feb 2025 03:12:53 GMT
Server: Apache
Access-Control-Allow-Origin: https://ppruthvirajdattakaleguru.filestoredocs.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

104.18.11.207

200 OK

51 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ppruthvirajdattakaleguru.filestoredocs.com/O1W79/?e=kasey.fuller@slurpmail.net
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint53:78:04:46:B4:48:0A:28:30:67:23:9B:D5:25:73:FE:FA:81:58:19
ValidityThu, 16 Jan 2025 00:27:53 GMT - Wed, 16 Apr 2025 01:27:34 GMT

File type
JavaScript source, ASCII text, with very long lines (50758)
Size
51 kB (51039 bytes)
Hash
67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

HTTP Headers

GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ppruthvirajdattakaleguru.filestoredocs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 02 Feb 2025 03:12:43 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: "67176c242e1bdc20603c878dee836df3"
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2024 02:53:43
cdn-edgestorageid: 1029
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 1
cdn-requestid: c6c8a086d090f1d2baac8a7b0c894894
cdn-cache: HIT
cf-cache-status: HIT
age: 1473858
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 90b700507f470afa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg

23.36.79.136

200 OK

1.9 kB

URL GET HTTP/2
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
IP
23.36.79.136:443
ASN
#20940 Akamai International B.V.

Requested by
https://ppruthvirajdattakaleguru.filestoredocs.com/O1W79/?e=kasey.fuller@slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subjectidnaakamaicdn.msftauth.net
FingerprintDC:51:C1:FA:8A:C3:85:DA:8E:3C:1C:06:37:00:90:7A:B4:62:A9:DC
ValidityFri, 27 Dec 2024 18:21:36 GMT - Mon, 22 Dec 2025 18:21:36 GMT

File type
SVG Scalable Vector Graphics image
Size
1.9 kB (1864 bytes)
Hash
4b5c228b4faba433d06ec569ed855b2d
a7d3882b93e332460e7c59510a6a811ef011983f
eb19d76cd1fad39abf0f2778991883a5cf9ff560117ce8f7c64124e71471b4ed

HTTP Headers

GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ppruthvirajdattakaleguru.filestoredocs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 673
content-type: image/svg+xml
content-encoding: gzip
content-md5: DhdidjYrlCeaRJJRG/y9mA==
last-modified: Wed, 15 Jan 2025 17:54:26 GMT
accept-ranges: bytes
etag: "0x8DD358DA72AAF33"
x-ms-request-id: 6471a91d-601e-0074-7d76-67603e000000
x-ms-version: 2018-03-28
access-control-expose-headers: Accept-Ranges,Cache-Control,Content-Encoding,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
access-control-allow-origin: *
cache-control: public, max-age=30033582
date: Sun, 02 Feb 2025 03:12:53 GMT
vary: Accept-Encoding
akamai-grn: 0.844f2417.1738465973.2b3b7ad6
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.11.207

200 OK

49 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ppruthvirajdattakaleguru.filestoredocs.com/O1W79/?e=kasey.fuller@slurpmail.net
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint53:78:04:46:B4:48:0A:28:30:67:23:9B:D5:25:73:FE:FA:81:58:19
ValidityThu, 16 Jan 2025 00:27:53 GMT - Wed, 16 Apr 2025 01:27:34 GMT

File type
JavaScript source, ASCII text, with very long lines (48664)
Size
49 kB (48944 bytes)
Hash
14d449eb8876fa55e1ef3c2cc52b0c17
a9545831803b1359cfeed47e3b4d6bae68e40e99
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ppruthvirajdattakaleguru.filestoredocs.com
DNT: 1
Connection: keep-alive
Referer: https://ppruthvirajdattakaleguru.filestoredocs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 02 Feb 2025 03:12:43 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/18/2024 12:46:36
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 1
cdn-requestid: 1bffbdb0a692a53b8553db409d3743bc
cdn-cache: HIT
cf-cache-status: HIT
age: 470058
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 90b700509fa57131-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations