Report - brbrbr.blob.core.windows.net/home/mua1/index.html

Report Overview

Submitted URL
brbrbr.blob.core.windows.net/home/mua1/index.html
IP
20.209.1.107
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2024-04-26 18:07:03
Access
public
Website Title
Bancolombia Sucursal Virtual Personas
Final URL
brbrbr.blob.core.windows.net/home/mua1/index.html
Tags
bancolombia financial phishing suspicious
urlquery detections
Phishing - Bancolombia
Suspicious - Suspicious Javascript code

Detections

urlquery
40
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-26	443 B	32 kB	142.250.74.106
ipinfo.io	8136	2013-04-23	2013-12-16	2024-04-25	482 B	790 B	34.117.186.192
api.ipify.org	3267	2014-01-05	2014-10-06	2024-04-25	498 B	267 B	104.26.13.205
brbrbr.blob.core.windows.net	unknown	1995-08-10	2024-03-06	2024-03-07	9.9 kB	1.2 MB	20.209.1.107

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	brbrbr.blob.core.windows.net/home/mua1/index.html	Bancolombia

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	brbrbr.blob.core.windows.net/home/mua1/js/jquery-1.10.1.js.descarga	146 kB	2023-03-07	2024-04-27
Pretty URL brbrbr.blob.core.windows.net/home/mua1/js/jquery-1.10.1.js.descarga IP 20.209.1.107 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:48 Last Seen2024-04-27 07:29:06 Times Seen216 Hash 43ab7751f1e8455471908c97a5977a6a 84ac89e3f5529b2a8f45032bd421d192b6b466ed 751bcbcd434089a9b12e9339a1891607ee99659ae3a674a6709e9a74dab21cd1 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-05-07
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-07 12:28:36 Times Seen141813 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	brbrbr.blob.core.windows.net/home/mua1/js/jquery-ui.js.descarga	228 kB	2023-03-07	2024-05-03
Pretty URL brbrbr.blob.core.windows.net/home/mua1/js/jquery-ui.js.descarga IP 20.209.1.107 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:48 Last Seen2024-05-03 22:12:52 Times Seen531 Hash 12a65fcb49c314e8dbbcf8d090d26b8a 679dc5cc110ee2c7b083cf52541544c01efea018 8072615124c5bc2634fdecc09485c8b645c78ea27c212c3d61b80c26112bdcb8 Loading...

	brbrbr.blob.core.windows.net/home/mua1/index.html	237 B	2023-03-07	2024-04-27
Pretty URL brbrbr.blob.core.windows.net/home/mua1/index.html IP 20.209.1.107 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:48 Last Seen2024-04-27 07:29:06 Times Seen203 Hash 7785316f6352a0e08b0f360c47cc9517 3b1fd03d12263e5efe8e6cf660078eb525ca6d34 73533299d781797b91492e539cbf2b708fd88ea62d42d53b8538474aa5644bec Loading...

	brbrbr.blob.core.windows.net/home/mua1/js/jquery.validate-1.11.1.js.descarga	26 kB	2023-03-07	2024-04-27
Pretty URL brbrbr.blob.core.windows.net/home/mua1/js/jquery.validate-1.11.1.js.descarga IP 20.209.1.107 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:48 Last Seen2024-04-27 07:29:06 Times Seen308 Hash ea15990a79091cfec6b371194c3d26dc a5790e56d3ea1fb17ccc4d069dbba0781b35f055 23df149b107329b3e406b0f70b5e1bdf2455f7f4ee4e90b00e0dbfcf773e98a1 Loading...

	brbrbr.blob.core.windows.net/home/mua1/js/jquery.jclockNew.js.descarga	7.8 kB	2023-03-07	2024-04-27
Pretty URL brbrbr.blob.core.windows.net/home/mua1/js/jquery.jclockNew.js.descarga IP 20.209.1.107 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:48 Last Seen2024-04-27 07:29:06 Times Seen332 Hash d5bd855b1a1ae610dab2f426107bc101 f3172d1d3ce6a90da44554d3c0d7bbc9910134a0 c6abf874d8228e1e37ece02cbd25c86ac1d64200331f7b91b085885eaa5e3074 Loading...

	brbrbr.blob.core.windows.net/home/mua1/index.html	188 B	2023-03-07	2024-04-28
Pretty URL brbrbr.blob.core.windows.net/home/mua1/index.html IP 20.209.1.107 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:48 Last Seen2024-04-28 07:27:01 Times Seen153 Hash b3b503622ed5a0a9948eca48101c20ae f34387ef59eaebe05d0770f5be3d82d9c3a194d2 9866c44d7e9f93ab6a8bfcfdb571b8eec5bc61b625def02978d0dca4828f7e75 Loading...

	brbrbr.blob.core.windows.net/home/mua1/index.html	172 B	2023-03-07	2024-04-27
Pretty URL brbrbr.blob.core.windows.net/home/mua1/index.html IP 20.209.1.107 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:48 Last Seen2024-04-27 07:29:06 Times Seen17 Hash b02b158cdcc32c207676f9ec19edbdaf c7365a220afd3680fe577e4a9dbc667647e8e6d2 ab42fa3797709caaaab25a48bcae5714c7a9b7988d8516108c9afc51dd4b1149 Loading...

	brbrbr.blob.core.windows.net/home/mua1/index.html	536 B	2023-03-07	2024-04-27
Pretty URL brbrbr.blob.core.windows.net/home/mua1/index.html IP 20.209.1.107 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:48 Last Seen2024-04-27 07:29:06 Times Seen17 Hash 28698056dc76c3cee5c4459aefbe36ab d78b00964739a00cec14db506876f5b5c4fee21f 408bdef6d8cf08023adadf987e517f52c2fc713383db4e1a527f14c235bb8f46 Loading...

	unknown	23 B	2023-04-11	2024-04-27
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-11 08:38:37 Last Seen2024-04-27 07:29:06 Times Seen53 Hash 5018ed812a3025c7b9203519d7a9b975 9b878b298fa60e1f6e05651c7bc883d02229d311 af7ec1a68909aebf4829786ef10ad22e1cc2535ba4b0a736c6e42a13ff335ac8 Loading...

	brbrbr.blob.core.windows.net/home/mua1/index.html	256 B	2023-03-07	2024-04-27
Pretty URL brbrbr.blob.core.windows.net/home/mua1/index.html IP 20.209.1.107 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:48 Last Seen2024-04-27 07:29:06 Times Seen16 Hash 92586154561c2477bb6c71d52d9a2574 d5b199e10dfc8052c8c7c98e15bdf80dc2d8bbdb 1d184864b519d4a32e00c054237527c2be2d3967033842c2207a06b42dcad1a1 Loading...

	brbrbr.blob.core.windows.net/home/mua1/index.html	188 B	2023-03-07	2024-04-27
Pretty URL brbrbr.blob.core.windows.net/home/mua1/index.html IP 20.209.1.107 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:48 Last Seen2024-04-27 07:29:06 Times Seen30 Hash 6f67e294309a4b771a3d55a8e3139352 bf9cbc0eb63fb189357c8f66dbd86f6fabfbd168 2fadce1cf2c7cd52f1ca3f8d1b2ce0ab7666a1df9b28e507eeedaaac0f93937d Loading...

	brbrbr.blob.core.windows.net/home/mua1/js/bluebird.min.js.descarga	80 kB	2023-03-07	2024-04-27
Pretty URL brbrbr.blob.core.windows.net/home/mua1/js/bluebird.min.js.descarga IP 20.209.1.107 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:48 Last Seen2024-04-27 07:29:06 Times Seen358 Hash 5f381fc63d93a438adaca9c43041efb6 3d186ac6d244691754303d3153839bf42b57f7d1 fe5edd66777d896e48c3d3f6427ff48210727850ca9c870f7780d3a6d0da2b6d Loading...

	brbrbr.blob.core.windows.net/home/mua1/index.html	463 B	2023-09-25	2024-04-27
Pretty URL brbrbr.blob.core.windows.net/home/mua1/index.html IP 20.209.1.107 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-25 07:36:30 Last Seen2024-04-27 07:29:06 Times Seen5 Hash 2949fba4e4056a83a931d530ae870aa9 5007e599ac788e79c30adc03851882d2568546c3 83bccae8eb888da83a2384ea192d7582f78c95932d8724fcb286a2628acf9d5e Loading...

	brbrbr.blob.core.windows.net/home/mua1/js/bootstrap.js.descarga	36 kB	2023-03-07	2024-04-27
Pretty URL brbrbr.blob.core.windows.net/home/mua1/js/bootstrap.js.descarga IP 20.209.1.107 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:48 Last Seen2024-04-27 07:29:06 Times Seen251 Hash ac685232d37fd9ea8e5adec8ea2964e0 4a60cb8af1fc731ef2f578773ae67aaaac959a7f a678fbd5d6c7dbad7ec89b486ad1baf3323296c8dde801141955969fe5026a73 Loading...

	brbrbr.blob.core.windows.net/home/mua1/js/sax.js	1.6 kB	2024-04-26	2024-04-26
Pretty URL brbrbr.blob.core.windows.net/home/mua1/js/sax.js IP 20.209.1.107 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 20:07:04 Last Seen2024-04-26 20:07:04 Times Seen2 Hash 9551bbbb2db698076b0e10608bf4cbed b385b210749a04fb3ab67a64f434cad99f14c316 2e5959d046591a437d42b9e37cc1fffb88f1809fc52ac1966d5e849aa64954a0 Loading...

HTTP Transactions (23)

URL IP Response Size

brbrbr.blob.core.windows.net/home/mua1/index.html

20.209.1.107

200 OK

15 kB

URL User Request GET HTTP/1.1
brbrbr.blob.core.windows.net/home/mua1/index.html
IP
20.209.1.107:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintBC:7F:B0:51:03:D5:B4:29:48:B4:4B:02:00:FE:1F:03:8E:5A:3E:F7
ValidityThu, 04 Apr 2024 23:16:04 GMT - Sun, 30 Mar 2025 23:16:04 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (400)
Size
15 kB (14868 bytes)
Hash
78028fa99d3236334ecb2a107b3cd4f9
a181e53bbfd580639fef04e9e05f225ff2792bf8
38247ce1c493201916d00164ad0348e643989c9abe8c7626ac8ea41e416b2b52

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia
OpenPhish	phishing	Bancolombia

HTTP Headers

GET /home/mua1/index.html HTTP/1.1
Host: brbrbr.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 14868
Content-Type: text/html
Content-MD5: eAKPqZ0yNjNOyyoQezzU+Q==
Last-Modified: Fri, 16 Feb 2024 22:06:20 GMT
ETag: 0x8DC2F3B8179AE11
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 254a5f6a-101e-0026-7104-98a94d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 26 Apr 2024 18:06:37 GMT

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:06:13 GMT
expires: Sat, 26 Apr 2025 06:06:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 43224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

brbrbr.blob.core.windows.net/home/mua1/css/styles.css

20.209.1.107

200 OK

107 kB

URL GET HTTP/1.1
brbrbr.blob.core.windows.net/home/mua1/css/styles.css
IP
20.209.1.107:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintBC:7F:B0:51:03:D5:B4:29:48:B4:4B:02:00:FE:1F:03:8E:5A:3E:F7
ValidityThu, 04 Apr 2024 23:16:04 GMT - Sun, 30 Mar 2025 23:16:04 GMT

File type
ASCII text, with very long lines (360)
Size
107 kB (106725 bytes)
Hash
f30cd447e9ad82a1ace07dc32f9aa59c
9bcf700f4100ca38672793f75a3994ef6d96ab30
3535ba8b4223c434eb47a9be1f3d35065a3a781e1a7ae941cff7a5f2755649bd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /home/mua1/css/styles.css HTTP/1.1
Host: brbrbr.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/home/mua1/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 106725
Content-Type: text/css
Content-MD5: 8wzUR+mtgqGs4H3DL5qlnA==
Last-Modified: Fri, 16 Feb 2024 22:06:22 GMT
ETag: 0x8DC2F3B8300B8A0
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 254a6190-101e-0026-6b04-98a94d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 26 Apr 2024 18:06:37 GMT

brbrbr.blob.core.windows.net/home/mua1/css/jquery-ui.css

20.209.1.107

200 OK

32 kB

URL GET HTTP/1.1
brbrbr.blob.core.windows.net/home/mua1/css/jquery-ui.css
IP
20.209.1.107:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintBC:7F:B0:51:03:D5:B4:29:48:B4:4B:02:00:FE:1F:03:8E:5A:3E:F7
ValidityThu, 04 Apr 2024 23:16:04 GMT - Sun, 30 Mar 2025 23:16:04 GMT

File type
ASCII text, with very long lines (1363)
Size
32 kB (31880 bytes)
Hash
2b936d08a6d742e862a089716f02d90d
6afd4058ec593fbca3c56a423c24a3c47eb87171
c9eeb55f7cf16683b871600ce998b61b1031629097be96069d5741f33adaf6d1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /home/mua1/css/jquery-ui.css HTTP/1.1
Host: brbrbr.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/home/mua1/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 31880
Content-Type: text/css
Content-MD5: K5NtCKbXQuhioIlxbwLZDQ==
Last-Modified: Fri, 16 Feb 2024 22:06:21 GMT
ETag: 0x8DC2F3B8268F412
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 254a6296-101e-0026-6004-98a94d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 26 Apr 2024 18:06:37 GMT

brbrbr.blob.core.windows.net/home/mua1/css/ui.css

20.209.1.107

200 OK

14 kB

URL GET HTTP/1.1
brbrbr.blob.core.windows.net/home/mua1/css/ui.css
IP
20.209.1.107:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintBC:7F:B0:51:03:D5:B4:29:48:B4:4B:02:00:FE:1F:03:8E:5A:3E:F7
ValidityThu, 04 Apr 2024 23:16:04 GMT - Sun, 30 Mar 2025 23:16:04 GMT

File type
ASCII text
Size
14 kB (13483 bytes)
Hash
fc4114c8fc5f70052eb79403116ba4c1
803d15f0eeb878417048c8fc28db4c53bec0f2ed
0265a31c7bea01a32328e09245aad8cf38ba3316a13e93080697b35e338f35b4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /home/mua1/css/ui.css HTTP/1.1
Host: brbrbr.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/home/mua1/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 13483
Content-Type: text/css
Content-MD5: /EEUyPxfcAUut5QDEWukwQ==
Last-Modified: Fri, 16 Feb 2024 22:06:22 GMT
ETag: 0x8DC2F3B82AFBF87
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 254a62f3-101e-0026-3604-98a94d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 26 Apr 2024 18:06:37 GMT

brbrbr.blob.core.windows.net/home/mua1/js/jquery.validate-1.11.1.js.descarga

20.209.1.107

200 OK

26 kB

URL GET HTTP/1.1
brbrbr.blob.core.windows.net/home/mua1/js/jquery.validate-1.11.1.js.descarga
IP
20.209.1.107:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintBC:7F:B0:51:03:D5:B4:29:48:B4:4B:02:00:FE:1F:03:8E:5A:3E:F7
ValidityThu, 04 Apr 2024 23:16:04 GMT - Sun, 30 Mar 2025 23:16:04 GMT

File type
JavaScript source, ASCII text, with very long lines (2795)
Size
26 kB (26459 bytes)
Hash
ea15990a79091cfec6b371194c3d26dc
a5790e56d3ea1fb17ccc4d069dbba0781b35f055
23df149b107329b3e406b0f70b5e1bdf2455f7f4ee4e90b00e0dbfcf773e98a1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /home/mua1/js/jquery.validate-1.11.1.js.descarga HTTP/1.1
Host: brbrbr.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/home/mua1/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 26459
Content-Type: application/octet-stream
Content-MD5: 6hWZCnkJHP7Gs3EZTD0m3A==
Last-Modified: Fri, 16 Feb 2024 22:06:25 GMT
ETag: 0x8DC2F3B848BB669
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 82abcb54-501e-0045-5704-9834b6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 26 Apr 2024 18:06:37 GMT

brbrbr.blob.core.windows.net/home/mua1/js/bootstrap.js.descarga

20.209.1.107

200 OK

36 kB

URL GET HTTP/1.1
brbrbr.blob.core.windows.net/home/mua1/js/bootstrap.js.descarga
IP
20.209.1.107:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintBC:7F:B0:51:03:D5:B4:29:48:B4:4B:02:00:FE:1F:03:8E:5A:3E:F7
ValidityThu, 04 Apr 2024 23:16:04 GMT - Sun, 30 Mar 2025 23:16:04 GMT

File type
JavaScript source, ASCII text, with very long lines (415)
Size
36 kB (36250 bytes)
Hash
ac685232d37fd9ea8e5adec8ea2964e0
4a60cb8af1fc731ef2f578773ae67aaaac959a7f
a678fbd5d6c7dbad7ec89b486ad1baf3323296c8dde801141955969fe5026a73

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /home/mua1/js/bootstrap.js.descarga HTTP/1.1
Host: brbrbr.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/home/mua1/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 36250
Content-Type: application/octet-stream
Content-MD5: rGhSMtN/2eqOWt7I6ilk4A==
Last-Modified: Fri, 16 Feb 2024 22:06:24 GMT
ETag: 0x8DC2F3B8439FAD1
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 254a6357-101e-0026-1304-98a94d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 26 Apr 2024 18:06:38 GMT

brbrbr.blob.core.windows.net/home/mua1/js/jquery.jclockNew.js.descarga

20.209.1.107

200 OK

7.8 kB

URL GET HTTP/1.1
brbrbr.blob.core.windows.net/home/mua1/js/jquery.jclockNew.js.descarga
IP
20.209.1.107:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintBC:7F:B0:51:03:D5:B4:29:48:B4:4B:02:00:FE:1F:03:8E:5A:3E:F7
ValidityThu, 04 Apr 2024 23:16:04 GMT - Sun, 30 Mar 2025 23:16:04 GMT

File type
JavaScript source, ASCII text
Size
7.8 kB (7794 bytes)
Hash
d5bd855b1a1ae610dab2f426107bc101
f3172d1d3ce6a90da44554d3c0d7bbc9910134a0
c6abf874d8228e1e37ece02cbd25c86ac1d64200331f7b91b085885eaa5e3074

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /home/mua1/js/jquery.jclockNew.js.descarga HTTP/1.1
Host: brbrbr.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/home/mua1/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 7794
Content-Type: application/octet-stream
Content-MD5: 1b2FWxoa5hDasvQmEHvBAQ==
Last-Modified: Fri, 16 Feb 2024 22:06:24 GMT
ETag: 0x8DC2F3B843B7FC8
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 82abcc77-501e-0045-6504-9834b6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 26 Apr 2024 18:06:37 GMT

brbrbr.blob.core.windows.net/home/mua1/js/bluebird.min.js.descarga

20.209.1.107

200 OK

80 kB

URL GET HTTP/1.1
brbrbr.blob.core.windows.net/home/mua1/js/bluebird.min.js.descarga
IP
20.209.1.107:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintBC:7F:B0:51:03:D5:B4:29:48:B4:4B:02:00:FE:1F:03:8E:5A:3E:F7
ValidityThu, 04 Apr 2024 23:16:04 GMT - Sun, 30 Mar 2025 23:16:04 GMT

File type
JavaScript source, ASCII text, with very long lines (32137), with escape sequences
Size
80 kB (79546 bytes)
Hash
5f381fc63d93a438adaca9c43041efb6
3d186ac6d244691754303d3153839bf42b57f7d1
fe5edd66777d896e48c3d3f6427ff48210727850ca9c870f7780d3a6d0da2b6d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /home/mua1/js/bluebird.min.js.descarga HTTP/1.1
Host: brbrbr.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/home/mua1/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 79546
Content-Type: application/octet-stream
Content-MD5: Xzgfxj2TpDitrKnEMEHvtg==
Last-Modified: Fri, 16 Feb 2024 22:06:24 GMT
ETag: 0x8DC2F3B844B7356
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 65235ebc-e01e-001d-5204-98ece9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 26 Apr 2024 18:06:37 GMT

brbrbr.blob.core.windows.net/home/mua1/js/sax.js

20.209.1.107

200 OK

1.6 kB

URL GET HTTP/1.1
brbrbr.blob.core.windows.net/home/mua1/js/sax.js
IP
20.209.1.107:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintBC:7F:B0:51:03:D5:B4:29:48:B4:4B:02:00:FE:1F:03:8E:5A:3E:F7
ValidityThu, 04 Apr 2024 23:16:04 GMT - Sun, 30 Mar 2025 23:16:04 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.6 kB (1578 bytes)
Hash
9551bbbb2db698076b0e10608bf4cbed
b385b210749a04fb3ab67a64f434cad99f14c316
2e5959d046591a437d42b9e37cc1fffb88f1809fc52ac1966d5e849aa64954a0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia
urlquery	suspicious	Suspicious - Suspicious Javascript code

HTTP Headers

GET /home/mua1/js/sax.js HTTP/1.1
Host: brbrbr.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/home/mua1/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 1578
Content-Type: text/javascript
Content-MD5: lVG7uy22mAdrDhBgi/TL7Q==
Last-Modified: Fri, 16 Feb 2024 22:06:25 GMT
ETag: 0x8DC2F3B847FB60B
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 254a63a7-101e-0026-5c04-98a94d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 26 Apr 2024 18:06:38 GMT

brbrbr.blob.core.windows.net/home/mua1/css/bootstrap.css

20.209.1.107

200 OK

121 kB

URL GET HTTP/1.1
brbrbr.blob.core.windows.net/home/mua1/css/bootstrap.css
IP
20.209.1.107:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintBC:7F:B0:51:03:D5:B4:29:48:B4:4B:02:00:FE:1F:03:8E:5A:3E:F7
ValidityThu, 04 Apr 2024 23:16:04 GMT - Sun, 30 Mar 2025 23:16:04 GMT

File type
assembler source, ASCII text, with very long lines (540)
Size
121 kB (121294 bytes)
Hash
7fd1c4d3b601350f212dfa209134f45c
06a81c158674832ff7b0a377f83d48360a6c3dcf
40bbcf961798bbca588379db5479b0f1ca48f252e37c7b1c255736849859eb9a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /home/mua1/css/bootstrap.css HTTP/1.1
Host: brbrbr.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/home/mua1/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 121294
Content-Type: text/css
Content-MD5: f9HE07YBNQ8hLfogkTT0XA==
Last-Modified: Fri, 16 Feb 2024 22:06:21 GMT
ETag: 0x8DC2F3B8214A355
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2151d703-f01e-0063-7504-987cae000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 26 Apr 2024 18:06:37 GMT

brbrbr.blob.core.windows.net/home/mua1/js/jquery-1.10.1.js.descarga

20.209.1.107

200 OK

146 kB

URL GET HTTP/1.1
brbrbr.blob.core.windows.net/home/mua1/js/jquery-1.10.1.js.descarga
IP
20.209.1.107:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintBC:7F:B0:51:03:D5:B4:29:48:B4:4B:02:00:FE:1F:03:8E:5A:3E:F7
ValidityThu, 04 Apr 2024 23:16:04 GMT - Sun, 30 Mar 2025 23:16:04 GMT

File type
JavaScript source, ASCII text, with very long lines (1618)
Size
146 kB (145858 bytes)
Hash
43ab7751f1e8455471908c97a5977a6a
84ac89e3f5529b2a8f45032bd421d192b6b466ed
751bcbcd434089a9b12e9339a1891607ee99659ae3a674a6709e9a74dab21cd1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /home/mua1/js/jquery-1.10.1.js.descarga HTTP/1.1
Host: brbrbr.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/home/mua1/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 145858
Content-Type: application/octet-stream
Content-MD5: Q6t3UfHoRVRxkIyXpZd6ag==
Last-Modified: Fri, 16 Feb 2024 22:06:25 GMT
ETag: 0x8DC2F3B84C93D7F
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4e3b895d-901e-0038-5504-984595000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 26 Apr 2024 18:06:37 GMT

brbrbr.blob.core.windows.net/home/mua1/js/jquery-ui.js.descarga

20.209.1.107

200 OK

228 kB

URL GET HTTP/1.1
brbrbr.blob.core.windows.net/home/mua1/js/jquery-ui.js.descarga
IP
20.209.1.107:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintBC:7F:B0:51:03:D5:B4:29:48:B4:4B:02:00:FE:1F:03:8E:5A:3E:F7
ValidityThu, 04 Apr 2024 23:16:04 GMT - Sun, 30 Mar 2025 23:16:04 GMT

File type
JavaScript source, ASCII text, with very long lines (32555)
Size
228 kB (228478 bytes)
Hash
12a65fcb49c314e8dbbcf8d090d26b8a
679dc5cc110ee2c7b083cf52541544c01efea018
8072615124c5bc2634fdecc09485c8b645c78ea27c212c3d61b80c26112bdcb8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /home/mua1/js/jquery-ui.js.descarga HTTP/1.1
Host: brbrbr.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/home/mua1/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 228478
Content-Type: application/octet-stream
Content-MD5: EqZfy0nDFOjbvPjQkNJrig==
Last-Modified: Fri, 16 Feb 2024 22:06:26 GMT
ETag: 0x8DC2F3B850F1F8C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 30bf0fa5-901e-005a-1604-9887b2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 26 Apr 2024 18:06:37 GMT

brbrbr.blob.core.windows.net/home/mua1/login_SVP_BC_zonaA.html

20.209.1.107

200 OK

249 B

URL GET HTTP/1.1
brbrbr.blob.core.windows.net/home/mua1/login_SVP_BC_zonaA.html
IP
20.209.1.107:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintBC:7F:B0:51:03:D5:B4:29:48:B4:4B:02:00:FE:1F:03:8E:5A:3E:F7
ValidityThu, 04 Apr 2024 23:16:04 GMT - Sun, 30 Mar 2025 23:16:04 GMT

File type
HTML document, ASCII text
Size
249 B (249 bytes)
Hash
57bbbaefe913f434507de62b3a121fa4
5533aa5cc3a8bff41742d3224b3af8c7b9149508
1ff5be933b8b31816e9649ef415c9b16ba9414ee3e927b289442587001bbf05d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /home/mua1/login_SVP_BC_zonaA.html HTTP/1.1
Host: brbrbr.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/home/mua1/index.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 249
Content-Type: text/html
Content-MD5: V7u67+kT9DRQfeYrOhIfpA==
Last-Modified: Fri, 16 Feb 2024 22:06:20 GMT
ETag: 0x8DC2F3B81B53B84
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 30bf13c4-901e-005a-7304-9887b2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 26 Apr 2024 18:06:38 GMT

brbrbr.blob.core.windows.net/home/mua1/img/logo.svg

20.209.1.107

200 OK

7.0 kB

URL GET HTTP/1.1
brbrbr.blob.core.windows.net/home/mua1/img/logo.svg
IP
20.209.1.107:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintBC:7F:B0:51:03:D5:B4:29:48:B4:4B:02:00:FE:1F:03:8E:5A:3E:F7
ValidityThu, 04 Apr 2024 23:16:04 GMT - Sun, 30 Mar 2025 23:16:04 GMT

File type
SVG Scalable Vector Graphics image
Size
7.0 kB (7020 bytes)
Hash
c049dccd21049cb237daabdb645ec648
e29af3f65a8312efd3ea4c3b66d4bd86657dde1b
2c7a6ea74a49a6adc3fad622078895e9b2589448214913d8c035764148aca7d0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /home/mua1/img/logo.svg HTTP/1.1
Host: brbrbr.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/home/mua1/css/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 7020
Content-Type: image/svg+xml
Content-MD5: wEnczSEEnLI32qvbZF7GSA==
Last-Modified: Fri, 16 Feb 2024 22:06:23 GMT
ETag: 0x8DC2F3B83C181E8
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4e3b8c59-901e-0038-3604-984595000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 26 Apr 2024 18:06:38 GMT

brbrbr.blob.core.windows.net/home/mua1/img/icon-user.png

20.209.1.107

200 OK

447 B

URL GET HTTP/1.1
brbrbr.blob.core.windows.net/home/mua1/img/icon-user.png
IP
20.209.1.107:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintBC:7F:B0:51:03:D5:B4:29:48:B4:4B:02:00:FE:1F:03:8E:5A:3E:F7
ValidityThu, 04 Apr 2024 23:16:04 GMT - Sun, 30 Mar 2025 23:16:04 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
447 B (447 bytes)
Hash
0e3457ed5ea858d1e9287ef66dcbbfe4
006c99b62e141ebbc69f6e06cab757995d3f7417
75d5b455151a3b1a0a5b100041fee37de2daa0b41d1d177deaa863177c5b5b83

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /home/mua1/img/icon-user.png HTTP/1.1
Host: brbrbr.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/home/mua1/css/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 447
Content-Type: image/png
Content-MD5: DjRX7V6oWNHpKH72bcu/5A==
Last-Modified: Fri, 16 Feb 2024 22:06:23 GMT
ETag: 0x8DC2F3B83546DCF
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2151d9c0-f01e-0063-7804-987cae000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 26 Apr 2024 18:06:38 GMT

brbrbr.blob.core.windows.net/home/mua1/css/icon_font_bc.ttf?61jkgi

20.209.1.107

200 OK

32 kB

URL GET HTTP/1.1
brbrbr.blob.core.windows.net/home/mua1/css/icon_font_bc.ttf?61jkgi
IP
20.209.1.107:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintBC:7F:B0:51:03:D5:B4:29:48:B4:4B:02:00:FE:1F:03:8E:5A:3E:F7
ValidityThu, 04 Apr 2024 23:16:04 GMT - Sun, 30 Mar 2025 23:16:04 GMT

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icon_font_bc
Size
32 kB (31976 bytes)
Hash
8c9559a3d94688605d1d5e1cf68d5ae0
5c2b8fb865aefcc42f119542faa12bcaeaefbb3a
ad0f43b7fd52d2f1574ba930c85ce401f95d69e21ad997ffe8e7ad98fec2ffda

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /home/mua1/css/icon_font_bc.ttf?61jkgi HTTP/1.1
Host: brbrbr.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/home/mua1/css/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 31976
Content-Type: application/octet-stream
Content-MD5: jJVZo9lGiGBdHV4c9o1a4A==
Last-Modified: Fri, 16 Feb 2024 22:06:21 GMT
ETag: 0x8DC2F3B823C231A
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 82abce9c-501e-0045-6b04-9834b6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 26 Apr 2024 18:06:38 GMT

brbrbr.blob.core.windows.net/home/mua1/css/OpenSans-Regular.ttf

20.209.1.107

200 OK

217 kB

URL GET HTTP/1.1
brbrbr.blob.core.windows.net/home/mua1/css/OpenSans-Regular.ttf
IP
20.209.1.107:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintBC:7F:B0:51:03:D5:B4:29:48:B4:4B:02:00:FE:1F:03:8E:5A:3E:F7
ValidityThu, 04 Apr 2024 23:16:04 GMT - Sun, 30 Mar 2025 23:16:04 GMT

File type
TrueType Font data, digitally signed, 19 tables, 1st "DSIG", 26 names, Macintosh, Digitized data copyright � 2010-2011, Google Corporation.Open SansRegular1.10;1ASC;OpenSans-Regu
Size
217 kB (217276 bytes)
Hash
d7d5d4588a9f50c99264bc12e4892a7c
513966e260bb7610d47b2329dba194143831893e
13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /home/mua1/css/OpenSans-Regular.ttf HTTP/1.1
Host: brbrbr.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/home/mua1/css/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 217276
Content-Type: application/octet-stream
Content-MD5: 19XUWIqfUMmSZLwS5IkqfA==
Last-Modified: Fri, 16 Feb 2024 22:06:23 GMT
ETag: 0x8DC2F3B8393051E
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 254a64f0-101e-0026-7c04-98a94d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 26 Apr 2024 18:06:38 GMT

brbrbr.blob.core.windows.net/home/mua1/css/CIBFontSans-Light.ttf

20.209.1.107

200 OK

111 kB

URL GET HTTP/1.1
brbrbr.blob.core.windows.net/home/mua1/css/CIBFontSans-Light.ttf
IP
20.209.1.107:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintBC:7F:B0:51:03:D5:B4:29:48:B4:4B:02:00:FE:1F:03:8E:5A:3E:F7
ValidityThu, 04 Apr 2024 23:16:04 GMT - Sun, 30 Mar 2025 23:16:04 GMT

File type
TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 33 names, Macintosh, Copyright (c) 2019 by Vasava Studio. All rights reserved. CIBFont SansLight1.300;UKWN;CIBFontSan
Size
111 kB (110612 bytes)
Hash
69096387df83ff65381f8ee25006b0aa
89689ed7f7547a3815d9fa2d0a2c11513480086e
decf1c3cb09b3e38d867e0d5cf648220584404c9cf8d18a6c51bdfa2af5047cc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /home/mua1/css/CIBFontSans-Light.ttf HTTP/1.1
Host: brbrbr.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/home/mua1/css/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 110612
Content-Type: application/octet-stream
Content-MD5: aQljh9+D/2U4H47iUAawqg==
Last-Modified: Fri, 16 Feb 2024 22:06:21 GMT
ETag: 0x8DC2F3B826C9979
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 652361b3-e01e-001d-0a04-98ece9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 26 Apr 2024 18:06:38 GMT

brbrbr.blob.core.windows.net/home/mua1/img/imgPublicidad.JPG

20.209.1.107

200 OK

38 kB

URL GET HTTP/1.1
brbrbr.blob.core.windows.net/home/mua1/img/imgPublicidad.JPG
IP
20.209.1.107:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/login_SVP_BC_zonaA.html
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintBC:7F:B0:51:03:D5:B4:29:48:B4:4B:02:00:FE:1F:03:8E:5A:3E:F7
ValidityThu, 04 Apr 2024 23:16:04 GMT - Sun, 30 Mar 2025 23:16:04 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 634x331, components 3
Size
38 kB (38117 bytes)
Hash
4a65b999070b7293e100620d6fb29aa8
43b10da58290368556ed43ff3f283a231225a14c
6311c5d2cb59d792ad916d8dbcb7e4051d73612d444bf7dd6dd3e4391f9b43b5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /home/mua1/img/imgPublicidad.JPG HTTP/1.1
Host: brbrbr.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/home/mua1/login_SVP_BC_zonaA.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 38117
Content-Type: image/jpeg
Content-MD5: SmW5mQcLcpPhAGINb7KaqA==
Last-Modified: Fri, 16 Feb 2024 22:06:23 GMT
ETag: 0x8DC2F3B8393A0AA
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 30bf14d3-901e-005a-7204-9887b2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 26 Apr 2024 18:06:38 GMT

brbrbr.blob.core.windows.net/home/mua1/img/favicon.ico

20.209.1.107

200 OK

4.3 kB

URL GET HTTP/1.1
brbrbr.blob.core.windows.net/home/mua1/img/favicon.ico
IP
20.209.1.107:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintBC:7F:B0:51:03:D5:B4:29:48:B4:4B:02:00:FE:1F:03:8E:5A:3E:F7
ValidityThu, 04 Apr 2024 23:16:04 GMT - Sun, 30 Mar 2025 23:16:04 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Size
4.3 kB (4286 bytes)
Hash
ffa4717e6a1e77411c637682fafb79d2
05bdd644d747fedee3bf37fe38facd6a66263468
a7e42a9339ffbd5cad9f2d63bbd050fc3c518219117b7852153c165e246eb406

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /home/mua1/img/favicon.ico HTTP/1.1
Host: brbrbr.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/home/mua1/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 4286
Content-Type: image/x-icon
Content-MD5: /6Rxfmoed0EcY3aC+vt50g==
Last-Modified: Fri, 16 Feb 2024 22:06:23 GMT
ETag: 0x8DC2F3B83306C95
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 30bf15ac-901e-005a-3c04-9887b2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 26 Apr 2024 18:06:38 GMT

ipinfo.io/

34.117.186.192

200 OK

280 B

URL GET HTTP/2
ipinfo.io/
IP
34.117.186.192:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/index.html
Certificate
IssuerLet's Encrypt
Subjectipinfo.io
FingerprintC3:D1:C0:FE:0C:C8:E1:18:4F:C8:22:D0:9C:FF:D9:F4:EF:72:CD:6B
ValidityFri, 19 Apr 2024 20:17:23 GMT - Thu, 18 Jul 2024 20:17:22 GMT

File type
JSON text data
Size
280 B (280 bytes)
Hash
adf22d9a8ca3a97a9ff78909b8702358
f5046826566a7e98d6b5e5c7b0a65677c3bde708
756edd1454b049c1370e83c864bc93dfdd82f44d8f9752b3068e5a11867a5de3

HTTP Headers

GET / HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://brbrbr.blob.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 18:06:39 GMT
content-type: application/json; charset=utf-8
content-length: 280
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-envoy-upstream-service-time: 4
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.ipify.org/?format=json

104.26.13.205

200 OK

21 B

URL GET HTTP/2
api.ipify.org/?format=json
IP
104.26.13.205:443
ASN
#13335 CLOUDFLARENET

Requested by
https://brbrbr.blob.core.windows.net/home/mua1/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectipify.org
FingerprintC8:1A:05:47:C5:73:C6:CE:DF:1D:A6:DE:00:11:A9:9A:8C:DB:EF:A7
ValidityThu, 21 Mar 2024 19:56:02 GMT - Wed, 19 Jun 2024 19:56:01 GMT

File type
JSON text data
Size
21 B (21 bytes)
Hash
7d69c71af0f191e9a72db6153f8018d1
f67c5f2887bc05654b47f76e9621e53a4091aed1
5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65

HTTP Headers

GET /?format=json HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://brbrbr.blob.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://brbrbr.blob.core.windows.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 18:06:39 GMT
content-type: application/json
content-length: 21
access-control-allow-origin: *
vary: Origin
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87a882058a1e1c12-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML