sharedfolder.kaudiaestate.com/protocols/office.php
200 OK 2.9 kB URL User Request GET HTTP/2 sharedfolder.kaudiaestate.com/protocols/office.php
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Certificate IssuerLet's Encrypt
Subjectsharedfolder.kaudiaestate.com
FingerprintE7:56:0C:58:EB:A7:AA:2A:BF:D4:70:CD:E1:FA:0C:7B:98:BE:85:71
ValidityMon, 30 Oct 2023 22:33:40 GMT - Sun, 28 Jan 2024 22:33:39 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e10155b8e21c22ddc5a16bde6d78c915
41a4ea91c826660456efec6ea87e4df99588503e
3d2fb4b2891586c0c16debbf7a78faaa84f3e5829d2803d55742cc8ca85d0390
Analyzer Verdict Alert OpenPhish phishing Outlook
GET /protocols/office.php HTTP/1.1
Host: sharedfolder.kaudiaestate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=8f4a93f3da4438a537db533da77764f2; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 2907
content-type: text/html; charset=UTF-8
date: Tue, 28 Nov 2023 12:38:39 GMT
server: Apache
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.1.1.min.js
200 OK 30 kB URL GET HTTP/2 code.jquery.com/jquery-3.1.1.min.js
IP
Requested by https://sharedfolder.kaudiaestate.com/protocols/office.php
Certificate IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (32030)
Hash e071abda8fe61194711cfc2ab99fe104
f647a6d37dc4ca055ced3cf64bbc1f490070acba
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
GET /jquery-3.1.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sharedfolder.kaudiaestate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-152b5"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 28 Nov 2023 12:38:39 GMT
age: 6374519
x-served-by: cache-lga21947-LGA, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 119, 145811
x-timer: S1701175120.968403,VS0,VE0
vary: Accept-Encoding
content-length: 30070
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/jquery.validate.js
200 OK 12 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/jquery.validate.js
IP
Requested by https://sharedfolder.kaudiaestate.com/protocols/office.php
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (511)
Hash 39f269417ff5b840986d3b410e3aa139
104470bdc520cb86cd99ac80f9c7dd9dca7e5626
be18bc4f0ddf05cf8bf13e96bf167fae6741d00c01a950edc5cf2b90afd5ba17
GET /ajax/libs/jquery-validate/1.19.0/jquery.validate.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sharedfolder.kaudiaestate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 12:38:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 11611
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-c5e3"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 285081
expires: Sun, 17 Nov 2024 12:38:39 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijsLEcDj62yFi%2BrOcG4ZOAx8um4XNVBw57GNs793mm%2BsMBp5ayURNLlhNoHKz6RlKfhvi%2FqPZkp0LzjO5NTdPFqA26JQfXDxxqUDadqUnctaSmmhPu43XZxdMJRxq%2BZBPH8NXeZT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82d2ab53c93b56c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
200 OK 1.4 kB URL GET HTTP/2 aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
IP
Requested by https://sharedfolder.kaudiaestate.com/protocols/office.php
Certificate IssuerDigiCert Inc
Subjectaadcdn.msftauth.net
Fingerprint99:06:D8:1E:EC:BF:DB:78:DF:F4:89:A3:ED:23:07:3D:79:F1:16:D6
ValidityTue, 31 Jan 2023 00:00:00 GMT - Wed, 31 Jan 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators
Hash ee5c8d9fb6248c938fd0dc19370e90bd
d01a22720918b781338b5bbf9202b241a5f99ee4
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
GET /ests/2.1/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sharedfolder.kaudiaestate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 356714
cache-control: public, max-age=604800
content-md5: nzaLxFgP7ZB3dfMcaybWzw==
content-type: image/svg+xml
date: Tue, 28 Nov 2023 12:38:39 GMT
etag: 0x8D64101507E84BD
last-modified: Fri, 02 Nov 2018 20:25:22 GMT
server: ECAcc (ska/F695)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: d772bde7-801e-006f-69b9-1e911b000000
x-ms-version: 2009-09-19
content-length: 1435
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
200 OK 19 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
Requested by https://sharedfolder.kaudiaestate.com/protocols/office.php
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 18664, version 1.0\012- data
Hash 8d1c44b2bf75a4e6f1bd141f9a965f4f
1e5dfdb7ca5ee8e823f9f5787f84b18fbdc38434
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
GET /s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharedfolder.kaudiaestate.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18664
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:21:50 GMT
expires: Fri, 22 Nov 2024 23:21:50 GMT
cache-control: public, max-age=31536000
age: 393410
last-modified: Thu, 14 Sep 2023 01:36:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
200 OK 17 kB URL GET HTTP/2 aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
IP
Requested by https://sharedfolder.kaudiaestate.com/protocols/office.php
Certificate IssuerDigiCert Inc
Subjectaadcdn.msftauth.net
Fingerprint99:06:D8:1E:EC:BF:DB:78:DF:F4:89:A3:ED:23:07:3D:79:F1:16:D6
ValidityTue, 31 Jan 2023 00:00:00 GMT - Wed, 31 Jan 2024 23:59:59 GMT
File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Hash 12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sharedfolder.kaudiaestate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 17137
cache-control: public, max-age=604800
content-md5: EuPayFgGHQiAI7K9SOL6lg==
content-type: image/x-icon
date: Tue, 28 Nov 2023 12:38:40 GMT
etag: 0x8D641014D44D8FD
last-modified: Fri, 02 Nov 2018 20:25:16 GMT
server: ECAcc (ska/F77B)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: ff6cf64e-f01e-0034-22cf-21d73f000000
x-ms-version: 2009-09-19
content-length: 17174
X-Firefox-Spdy: h2
aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
200 OK 17 kB URL GET HTTP/2 aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
IP
Requested by https://sharedfolder.kaudiaestate.com/protocols/office.php
Certificate IssuerDigiCert Inc
Subjectaadcdn.msftauth.net
Fingerprint99:06:D8:1E:EC:BF:DB:78:DF:F4:89:A3:ED:23:07:3D:79:F1:16:D6
ValidityTue, 31 Jan 2023 00:00:00 GMT - Wed, 31 Jan 2024 23:59:59 GMT
File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Hash 12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sharedfolder.kaudiaestate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 17137
cache-control: public, max-age=604800
content-md5: EuPayFgGHQiAI7K9SOL6lg==
content-type: image/x-icon
date: Tue, 28 Nov 2023 12:38:40 GMT
etag: 0x8D641014D44D8FD
last-modified: Fri, 02 Nov 2018 20:25:16 GMT
server: ECAcc (ska/F77B)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: ff6cf64e-f01e-0034-22cf-21d73f000000
x-ms-version: 2009-09-19
content-length: 17174
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans&display=swap
200 OK 280 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans&display=swap
IP
Requested by https://sharedfolder.kaudiaestate.com/protocols/office.php
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type gzip compressed data, max compression\012- data
Size 280 kB (280487 bytes)
Hash 3d3e67bb9b1e5d1dce3509375b7e0773
ba83f6a0e389d7a93c718401b8c119c1a4917f46
75e0a7f68f3495a373c3aa78af657e472cf48b325f86879f19cde8d49147e55c
GET /css?family=Open+Sans&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sharedfolder.kaudiaestate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 28 Nov 2023 12:38:40 GMT
date: Tue, 28 Nov 2023 12:38:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.imgur.com/I4Qd9nH.jpg
200 OK 280 kB IP
Requested by https://sharedfolder.kaudiaestate.com/protocols/office.php
Certificate IssuerSectigo Limited
Subject*.imgur.com
FingerprintD6:4D:45:03:6D:38:F8:FD:EA:AF:E5:92:B3:4D:85:A5:6B:AF:5C:EC
ValidityMon, 13 Mar 2023 00:00:00 GMT - Tue, 12 Mar 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size 280 kB (279839 bytes)
Hash 3fc2cc6cda0918247d338d965387f330
c9c29bd4530ce1871e0b29e79739d5b9811b2d8f
e3e1a3fdc2a06f30e03ee7c32ff1bc243c74fb7e5baa0f826f68fcb927a782a4
GET /I4Qd9nH.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sharedfolder.kaudiaestate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sat, 08 Jun 2019 17:27:13 GMT
etag: "3fc2cc6cda0918247d338d965387f330"
x-amz-storage-class: STANDARD_IA
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: LJr0eR4zhbsjeoqAB_CeRwnp_MbrSNLtsx_HC4u9ji__ZIzFz6ov6w==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 28 Nov 2023 12:38:40 GMT
age: 1575645
x-served-by: cache-iad-kcgs7200021-IAD, cache-hel1410028-HEL
x-cache: Miss from cloudfront, HIT, MISS
x-cache-hits: 188, 0
x-timer: S1701175120.309525,VS0,VE493
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 279839
X-Firefox-Spdy: h2
119.18.54.19
104.17.25.14
152.199.23.37
151.101.244.193