autodiscover.beauville.com/
194.250.143.217 0 B URL autodiscover.beauville.com/
IP 194.250.143.217:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET / HTTP/1.1
Host: autodiscover.beauville.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-cache
pragma: no-cache
location: https://autodiscover.beauville.com/owa/
server: Microsoft-IIS/10.0
x-feserver: EXCH2019
x-requestid: 93bede50-6cfc-4dc8-9604-3edc037f47c0
date: Fri, 03 May 2024 23:29:54 GMT
content-length: 0
X-Firefox-Spdy: h2
autodiscover.beauville.com/owa/
194.250.143.217 238 B URL autodiscover.beauville.com/owa/
IP 194.250.143.217:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 58f8bd2e92fe79a8a4bdebcfcfb31e52
7416ab07e02cf0d576424730d135078ebf65d833
fa041dae13165e05710fd0f3be6600377515a6aeff4e83a557c67a2bea6c225f
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/ HTTP/1.1
Host: autodiscover.beauville.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: https://autodiscover.beauville.com/owa/auth/logon.aspx?url=https%3a%2f%2fautodiscover.beauville.com%2fowa%2f&reason=0
server: Microsoft-IIS/10.0
request-id: 8090f1ec-eca4-4589-b477-9b2a89258e56
x-owa-version: 15.2.1258.28
x-powered-by: ASP.NET
x-feserver: EXCH2019
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 May 2024 23:29:54 GMT
content-length: 238
X-Firefox-Spdy: h2
autodiscover.beauville.com/owa/auth/logon.aspx?url=https%3a%2f%2fautodiscover.beauville.com%2fowa%2f&reason=0
194.250.143.217 28 kB URL autodiscover.beauville.com/owa/auth/logon.aspx?url=https%3a%2f%2fautodiscover.beauville.com%2fowa%2f&reason=0
IP 194.250.143.217:0
File type HTML document, ASCII text, with very long lines (1062), with CRLF, LF line terminators
Hash a12516be4ffe49bd7f00cacac556ca4c
f10a923ead04ab8b73ee1f75639d0b32b6cb722a
9555778b9113e929f4dd188c0267f2a73d2ca7e8f59c4aa9124f4b3186ec5697
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/logon.aspx?url=https%3a%2f%2fautodiscover.beauville.com%2fowa%2f&reason=0 HTTP/1.1
Host: autodiscover.beauville.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
request-id: 61e2d6bb-2b0f-4e4d-9a9d-89763bc9c65b
x-frame-options: SAMEORIGIN
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 May 2024 23:29:54 GMT
content-length: 27998
X-Firefox-Spdy: h2
autodiscover.beauville.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fautodiscover.beauville.com%2fowa%2f
194.250.143.217200 OK 59 kB URL User Request GET HTTP/2 autodiscover.beauville.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fautodiscover.beauville.com%2fowa%2f
IP 194.250.143.217:443
Certificate IssuerLet's Encrypt
Subjectwebmail.beauville.com
FingerprintE7:1F:7B:45:E6:64:D5:18:46:83:5B:4E:87:56:00:0F:96:D3:DC:BF
ValidityWed, 27 Mar 2024 08:05:05 GMT - Tue, 25 Jun 2024 08:05:04 GMT
File type HTML document, ASCII text, with very long lines (10414), with CRLF, LF line terminators
Hash 941673d56e1e2f03214d7e5c2a114050
78fec3850e28ed726006f5aea75d024f072994f7
7e88e58aca8349ca4253e95d96908135ce3f73330aef7ae16c0f98a35a15e886
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fautodiscover.beauville.com%2fowa%2f HTTP/1.1
Host: autodiscover.beauville.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://autodiscover.beauville.com/owa/auth/logon.aspx?url=https%3a%2f%2fautodiscover.beauville.com%2fowa%2f&reason=0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
request-id: b5edbc95-448f-4405-b7f4-63b57f81a81d
x-frame-options: SAMEORIGIN
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 May 2024 23:29:54 GMT
content-length: 58798
X-Firefox-Spdy: h2
autodiscover.beauville.com/owa/auth/15.2.1258/themes/resources/segoeui-regular.ttf
194.250.143.217200 OK 57 kB URL GET HTTP/2 autodiscover.beauville.com/owa/auth/15.2.1258/themes/resources/segoeui-regular.ttf
IP 194.250.143.217:443
Requested by https://autodiscover.beauville.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fautodiscover.beauville.com%2fowa%2f
Certificate IssuerLet's Encrypt
Subjectwebmail.beauville.com
FingerprintE7:1F:7B:45:E6:64:D5:18:46:83:5B:4E:87:56:00:0F:96:D3:DC:BF
ValidityWed, 27 Mar 2024 08:05:05 GMT - Tue, 25 Jun 2024 08:05:04 GMT
File type TrueType Font data, 18 tables, 1st "LTSH", 11 names, Microsoft, language 0x409, � 2010 Microsoft Corporation. All Rights Reserved.RegularSegoe UI RegularVersion 0.81 Build 159S
Hash 8af990b6ad3ba192c2dd6a193890bf5f
4db5bf117ff8f1392fab3b438216d7cff4ae4976
c147c2ec76a8ab8bd5082f1f4d3f80a43c689165cb164cdd812e44048fe38708
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/15.2.1258/themes/resources/segoeui-regular.ttf HTTP/1.1
Host: autodiscover.beauville.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://autodiscover.beauville.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fautodiscover.beauville.com%2fowa%2f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=2592000
content-type: application/octet-stream
last-modified: Tue, 12 Feb 2019 16:46:18 GMT
accept-ranges: bytes
etag: "069af79f2c2d41:0"
server: Microsoft-IIS/10.0
request-id: 26ae123f-a536-4f1b-9b2c-164515dc75b1
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 May 2024 23:29:54 GMT
content-length: 56760
X-Firefox-Spdy: h2
autodiscover.beauville.com/owa/auth/15.2.1258/themes/resources/segoeui-semilight.ttf
194.250.143.217200 OK 42 kB URL GET HTTP/2 autodiscover.beauville.com/owa/auth/15.2.1258/themes/resources/segoeui-semilight.ttf
IP 194.250.143.217:443
Requested by https://autodiscover.beauville.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fautodiscover.beauville.com%2fowa%2f
Certificate IssuerLet's Encrypt
Subjectwebmail.beauville.com
FingerprintE7:1F:7B:45:E6:64:D5:18:46:83:5B:4E:87:56:00:0F:96:D3:DC:BF
ValidityWed, 27 Mar 2024 08:05:05 GMT - Tue, 25 Jun 2024 08:05:04 GMT
File type TrueType Font data, 16 tables, 1st "OS/2", 11 names, Microsoft, language 0x409, � 2010 Microsoft Corporation. All Rights Reserved.RegularSegoe UI SemilightVersion 1.00 build 16
Hash 6c26c24aabe31040657665b1e0d9505c
b3bdc48643752665e3e5798a192b27432a87d234
2d508a6e8979bba74b6fdf804c01a09a620c781e0fea73a8eefda904f5bcab25
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/15.2.1258/themes/resources/segoeui-semilight.ttf HTTP/1.1
Host: autodiscover.beauville.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://autodiscover.beauville.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fautodiscover.beauville.com%2fowa%2f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=2592000
content-type: application/octet-stream
last-modified: Fri, 11 May 2018 18:11:29 GMT
accept-ranges: bytes
etag: "805ea77b53e9d31:0"
server: Microsoft-IIS/10.0
request-id: 09b6b210-d994-4382-ac13-0aa0b1168711
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 May 2024 23:29:54 GMT
content-length: 41560
X-Firefox-Spdy: h2
autodiscover.beauville.com/owa/auth/15.2.1258/themes/resources/favicon.ico
194.250.143.217200 OK 7.9 kB URL GET HTTP/2 autodiscover.beauville.com/owa/auth/15.2.1258/themes/resources/favicon.ico
IP 194.250.143.217:443
Requested by https://autodiscover.beauville.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fautodiscover.beauville.com%2fowa%2f
Certificate IssuerLet's Encrypt
Subjectwebmail.beauville.com
FingerprintE7:1F:7B:45:E6:64:D5:18:46:83:5B:4E:87:56:00:0F:96:D3:DC:BF
ValidityWed, 27 Mar 2024 08:05:05 GMT - Tue, 25 Jun 2024 08:05:04 GMT
File type MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
Hash 759fade9033aa298629e4b000dcd6dde
34a1adf5c7326d7bde5b5735471b5d81e611c189
cf0808a61ec571e0c4975663903b288009d55502ac0445d9948983b339a5cf6e
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/15.2.1258/themes/resources/favicon.ico HTTP/1.1
Host: autodiscover.beauville.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://autodiscover.beauville.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fautodiscover.beauville.com%2fowa%2f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=2592000
content-type: image/x-icon
last-modified: Wed, 01 Mar 2023 18:24:57 GMT
accept-ranges: bytes
etag: "80a239206b4cd91:0"
server: Microsoft-IIS/10.0
request-id: 12af57ae-e046-41d0-8ee6-3d8e24f0e1ed
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 May 2024 23:29:54 GMT
content-length: 7886
X-Firefox-Spdy: h2