user-app.sentieo.com/alert/alert_click/?tp=eyJlbWFpbCI6ICJoYXJ2ZXlAY3Jhd2ZvcmRsYWtlY2FwaXRhbC5jb20iLCAidGlja2VyIjogInNlIiwgIm1ldGFfdHlwZSI6ICJkb2N1bWVudCIsICJhbGVydF90eXBlIjogImRzX2FsZXJ0X3NtYXJ0X3N1bW1hcnkiLCAibGlua190eXBlIjogImFsZXJ0X3R5cGVfdW5zdWIifQ==&url=//portyardlimited.co.ke/pkdkwe/aewqewe/tyspz/TEtpcmticmlkZUBkYXZpc2Z1cm5pdHVyZS5jb20=
0 B URL user-app.sentieo.com/alert/alert_click/?tp=eyJlbWFpbCI6ICJoYXJ2ZXlAY3Jhd2ZvcmRsYWtlY2FwaXRhbC5jb20iLCAidGlja2VyIjogInNlIiwgIm1ldGFfdHlwZSI6ICJkb2N1bWVudCIsICJhbGVydF90eXBlIjogImRzX2FsZXJ0X3NtYXJ0X3N1bW1hcnkiLCAibGlua190eXBlIjogImFsZXJ0X3R5cGVfdW5zdWIifQ==&url=//portyardlimited.co.ke/pkdkwe/aewqewe/tyspz/TEtpcmticmlkZUBkYXZpc2Z1cm5pdHVyZS5jb20=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /alert/alert_click/?tp=eyJlbWFpbCI6ICJoYXJ2ZXlAY3Jhd2ZvcmRsYWtlY2FwaXRhbC5jb20iLCAidGlja2VyIjogInNlIiwgIm1ldGFfdHlwZSI6ICJkb2N1bWVudCIsICJhbGVydF90eXBlIjogImRzX2FsZXJ0X3NtYXJ0X3N1bW1hcnkiLCAibGlua190eXBlIjogImFsZXJ0X3R5cGVfdW5zdWIifQ==&url=//portyardlimited.co.ke/pkdkwe/aewqewe/tyspz/TEtpcmticmlkZUBkYXZpc2Z1cm5pdHVyZS5jb20= HTTP/1.1
Host: user-app.sentieo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Mon, 04 Dec 2023 22:06:29 GMT
content-type: text/html; charset=utf-8
content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com mathjax.rstudio.com *.federalreserve.gov *.amazon.com *.amazonaws.com *.usemessages.com *.segment.io fullstory.com *.licdn.com *.customer.io *.intercom.io *.hs-scripts.com *.hsleadflows.net *.sentieotest.net *.hs-analytics.com *.hs-analytics.net *.sentieo.com *.customer.io *.facebook.com *.facebook.net *.googleadservices.com *.google-analytics.com *.hs-analytics.com *.quora.com *.ads-twitter.com *.fullstory.com *.google.com *.heapanalytics.com *.hubspot.com *.segment.com *.jquery.com *.bootstrapcdn.com *.officeapps-df.live.com login.live.com *.officeapps.live.com; img-src * 'self' data:; media-src *;font-src * data:;style-src * 'self' 'unsafe-inline';
vary: Cookie, Origin
time-taken-api: 13.916015625
location: //portyardlimited.co.ke/pkdkwe/aewqewe/tyspz/TEtpcmticmlkZUBkYXZpc2Z1cm5pdHVyZS5jb20=
requestid: 872163fee6d80a470eede4e060f0e0f5
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
portyardlimited.co.ke/pkdkwe/aewqewe/tyspz/TEtpcmticmlkZUBkYXZpc2Z1cm5pdHVyZS5jb20=
0 B URL portyardlimited.co.ke/pkdkwe/aewqewe/tyspz/TEtpcmticmlkZUBkYXZpc2Z1cm5pdHVyZS5jb20=
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /pkdkwe/aewqewe/tyspz/TEtpcmticmlkZUBkYXZpc2Z1cm5pdHVyZS5jb20= HTTP/1.1
Host: portyardlimited.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
refresh: 0;url=https://vuh64v1rij.unsation.sbs/?email=LKirkbride@davisfurniture.com
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 22:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css
200 OK 35 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css
IP
Requested by https://vuh64v1rij.unsation.sbs/?email=LKirkbride@davisfurniture.com
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type Unicode text, UTF-8 text, with very long lines (65342)
Hash cd822b7fd22c8a95a68470c795adea69
1f139981b9b47a766efa0a61bb78ada351f16c4b
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
GET /npm/bootstrap@5.3.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vuh64v1rij.unsation.sbs
DNT: 1
Connection: keep-alive
Referer: https://vuh64v1rij.unsation.sbs/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.3.2
x-jsd-version-type: version
etag: W/"38df4-HxOZgbm0enZu+gphu3ito1HxbEs"
content-encoding: br
accept-ranges: bytes
date: Mon, 04 Dec 2023 22:06:31 GMT
age: 4477447
x-served-by: cache-fra-etou8220083-FRA, cache-bma1681-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 34902
X-Firefox-Spdy: h2
vuh64v1rij.unsation.sbs/?email=LKirkbride@davisfurniture.com
200 OK 24 kB URL User Request GET HTTP/1.1 vuh64v1rij.unsation.sbs/?email=LKirkbride@davisfurniture.com
IP
Certificate IssuerLet's Encrypt
Subjectwww.vuh64v1rij.unsation.sbs
Fingerprint33:9E:FA:FC:05:F7:73:76:CB:8D:4E:AE:A5:30:89:06:B1:EA:EA:98
ValidityMon, 04 Dec 2023 18:25:24 GMT - Sun, 03 Mar 2024 18:25:23 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (19657), with CRLF line terminators
Hash 7b2226d632b9ec41f20ff788f7018fbd
8f5395fdc668c1c64495f5bbba09b43d67285417
62f9e21ee006e0a7748d2e458fc5511c1f2a76f1b17b1a57cfbbf74a5c1d1977
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /?email=LKirkbride@davisfurniture.com HTTP/1.1
Host: vuh64v1rij.unsation.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 22:06:30 GMT
Server: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/7.4.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=6ecbf03268114808b02a352f48d085bc; path=/
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 24030
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js
200 OK 25 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js
IP
Requested by https://vuh64v1rij.unsation.sbs/?email=LKirkbride@davisfurniture.com
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type ASCII text, with very long lines (65299)
Hash 6baf57f25796c332144ed58a2a0cd9ee
f7fd0f3dc84b2cf93bf81e832505a673f354e0a3
82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd
GET /npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vuh64v1rij.unsation.sbs
DNT: 1
Connection: keep-alive
Referer: https://vuh64v1rij.unsation.sbs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.3.2
x-jsd-version-type: version
etag: W/"13b17-9/0PPchLLPk7+B6DJQWmc/NU4KM"
content-encoding: br
accept-ranges: bytes
date: Mon, 04 Dec 2023 22:06:31 GMT
age: 5355345
x-served-by: cache-fra-etou8220085-FRA, cache-bma1681-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25109
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/logo_48.png
200 OK 2.2 kB URL GET HTTP/2 www.gstatic.com/recaptcha/api2/logo_48.png
IP
Requested by https://vuh64v1rij.unsation.sbs/?email=LKirkbride@davisfurniture.com
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vuh64v1rij.unsation.sbs/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:37:43 GMT
expires: Wed, 06 Dec 2023 21:37:43 GMT
cache-control: public, max-age=604800
age: 433733
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
44.212.162.24
203.161.61.6