Report - murjanacrepairing.com/auth/new/Saturday/September/2023%2009:09%20AM/c2FzYS56YXZyc2tpQGVnY3AuY29t

Report Overview

Visitedpublic

2023-09-11 07:23:30

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-09-10 21:56:27	514 B	6.9 kB	104.17.24.14
aadcdn.msauth.net	1421	2018-10-25	2018-11-19 11:50:03	2023-09-10 18:12:24	1.6 kB	6.6 kB	13.107.246.53
aadcdn.msauthimages.net	4795	2018-11-12	2019-08-14 20:34:06	2023-09-10 21:19:37	539 B	6.3 kB	152.199.23.72
murjanacrepairing.com	unknown	2023-05-26	2023-07-26 11:03:11	2023-09-11 08:05:26	552 B	404 B	65.109.37.186
confrariacorporativa.com.br	unknown	2011-07-11	2017-06-29 07:07:21	2023-09-11 08:00:36	1.5 kB	2.4 kB	216.172.160.199
ausperl.com	unknown	2006-09-06	2018-05-26 14:43:10	2023-08-22 10:42:37	1.0 kB	1.5 kB	185.184.154.129
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-09-10 21:35:06	860 B	61 kB	69.16.175.42

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.1.1.min.js	ScriptElement	87 kB	2023-03-07	2025-08-03
URL code.jquery.com/jquery-3.1.1.min.js IP / ASN 69.16.175.42 #20446 STACKPATH-CDN Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-03 Times Seen 119865 Size 87 kB (86709 bytes) MD5 e071abda8fe61194711cfc2ab99fe104 SHA1 f647a6d37dc4ca055ced3cf64bbc1f490070acba SHA256 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Format Code Loading...

	unknown	ScriptElement	10 kB	2023-08-21	2024-08-21
URL IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2023-08-21 Last Seen 2024-08-21 Times Seen 2018 Size 10 kB (10451 bytes) MD5 bc5a64b49fba1be688e7e05db20e6d76 SHA1 121c8d05da4ffe58ac4727b4d6f7e2fba417529d SHA256 b50959f7a87978609cf008c94eb633b5124394984b5e3f00ad9abbf5e4acc3ce Format Code Loading...

	ausperl.com/wp-images/content/data/admin/js/sc.php	ScriptElement	819 B	2023-08-21	2024-09-19
URL ausperl.com/wp-images/content/data/admin/js/sc.php IP / ASN 185.184.154.129 #38719 Dreamscape Networks Limited Introduced by ScriptElement Embedded false Resource Info First Seen 2023-08-21 Last Seen 2024-09-19 Times Seen 2546 Size 819 B (819 bytes) MD5 29fd4b7043d4ad8b60c708fa6e7acd46 SHA1 89f2913a9a378e967451f0a451fad248f598ec60 SHA256 28b563456ae25b6e7b93271b10fec852df4a7a2de1eb6f292c18aa68ac577c64 Format Code Loading...

	HASH	FROM	Size	First Seen	Last Seen
	ecb6214660117aec421ad4adc8ca9a09	DocumentWrite	253 kB	2023-09-11	2024-08-21
Introduced by DocumentWrite First Seen 2023-09-11 Last Seen 2024-08-21 Times Seen 6 Size 253 kB (253158 bytes) MD5 ecb6214660117aec421ad4adc8ca9a09 SHA1 71989fc19c3de3f3769c4f3ceb4d24c6d1ff3f49 SHA256 1e124b374b9981faab949a6a56804bcb44345ccfc15296d9fbb43dcbdbf8db93 Format Code Loading...

HTTP Transactions (13)

URL IP Response Size

murjanacrepairing.com/auth/new/Saturday/September/2023%2009:09%20AM/c2FzYS56YXZyc2tpQGVnY3AuY29t

65.109.37.186

0 B

URL

murjanacrepairing.com/auth/new/Saturday/September/2023%2009:09%20AM/c2FzYS56YXZyc2tpQGVnY3AuY29t

IP / ASN

65.109.37.186

#24940 Hetzner Online GmbH

Requested byN/A

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-03

Times Seen5619488

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /auth/new/Saturday/September/2023%2009:09%20AM/c2FzYS56YXZyc2tpQGVnY3AuY29t HTTP/1.1
Host: murjanacrepairing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
refresh: 0;url=https://confrariacorporativa.com.br/wp-includes/xml.html#sasa.zavrski@egcp.com
content-type: text/html; charset=UTF-8
content-length: 0
date: Mon, 11 Sep 2023 07:23:12 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

confrariacorporativa.com.br/wp-includes/xml.html

216.172.160.199

218 B

URL

confrariacorporativa.com.br/wp-includes/xml.html

IP / ASN

216.172.160.199

#46606 UNIFIEDLAYER-AS-1

Requested byN/A

Resource Info

File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators

First Seen2023-09-11

Last Seen2023-09-12

Times Seen6

Size218 B (218 bytes)

MD5526eaf78aead9a541f40168d385fb986

SHA1e83390dfad83be086b75b6c1af3423219859ebcd

SHA2563293a3a87867983689b8596ac9a92f047c2c955e04575deee3012a8d463f6033

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /wp-includes/xml.html HTTP/1.1
Host: confrariacorporativa.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 08 Sep 2023 23:10:08 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 218
content-type: text/html
date: Mon, 11 Sep 2023 07:23:13 GMT
server: Apache
X-Firefox-Spdy: h2

GET ausperl.com/wp-images/content/data/admin/js/sc.php

185.184.154.129

200 OK

482 B

URL

ausperl.com/wp-images/content/data/admin/js/sc.php

IP / ASN

185.184.154.129

#38719 Dreamscape Networks Limited

Requested byhttps://confrariacorporativa.com.br/wp-includes/xml.html#sasa.zavrski@egcp.com

Resource Info

File typeASCII text, with CRLF line terminators

First Seen2023-08-21

Last Seen2024-09-19

Times Seen2546

Size482 B (482 bytes)

MD529fd4b7043d4ad8b60c708fa6e7acd46

SHA189f2913a9a378e967451f0a451fad248f598ec60

SHA25628b563456ae25b6e7b93271b10fec852df4a7a2de1eb6f292c18aa68ac577c64

Certificate Info

IssuerLet's Encrypt

Subjectwww.ausperl.com

Fingerprint25:79:B5:52:00:3A:5C:F7:C9:AF:2E:37:67:23:A6:A1:3B:1B:0E:ED

ValidityTue, 22 Aug 2023 07:41:43 GMT - Mon, 20 Nov 2023 07:41:42 GMT

HTTP Headers

GET /wp-images/content/data/admin/js/sc.php HTTP/1.1
Host: ausperl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confrariacorporativa.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-powered-by: PHP/7.3.33
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
vary: Accept-Encoding
content-encoding: gzip
content-length: 482
content-type: application/javascript; charset=utf-8
date: Mon, 11 Sep 2023 07:23:14 GMT
server: Apache
X-Firefox-Spdy: h2

GET code.jquery.com/jquery-3.1.1.min.js

69.16.175.42

200 OK

30 kB

URL

code.jquery.com/jquery-3.1.1.min.js

IP / ASN

69.16.175.42

#20446 STACKPATH-CDN

Requested byhttps://confrariacorporativa.com.br/wp-includes/xml.html#sasa.zavrski@egcp.com

Resource Info

File typeASCII text, with very long lines (32030)

First Seen2023-03-07

Last Seen2025-08-03

Times Seen119865

Size30 kB (30070 bytes)

MD5e071abda8fe61194711cfc2ab99fe104

SHA1f647a6d37dc4ca055ced3cf64bbc1f490070acba

SHA25685556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Certificate Info

IssuerSectigo Limited

Subject*.jquery.com

FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D

ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

HTTP Headers

GET /jquery-3.1.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confrariacorporativa.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 11 Sep 2023 07:23:14 GMT
content-encoding: gzip
content-length: 30070
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-152b5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1694416994.dop207.sk1.t,1694416994.cds205.sk1.hn,1694416994.cds010.sk1.c
X-Firefox-Spdy: h2

GET confrariacorporativa.com.br/favicon.ico

216.172.160.199

500 Internal Server Error

1.1 kB

URL

confrariacorporativa.com.br/favicon.ico

IP / ASN

216.172.160.199

#46606 UNIFIEDLAYER-AS-1

Requested byhttps://confrariacorporativa.com.br/wp-includes/xml.html#sasa.zavrski@egcp.com

Resource Info

File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text

First Seen2023-04-11

Last Seen2025-04-22

Times Seen7

Size1.1 kB (1085 bytes)

MD50edd7fc8b8b54b5125b98a69ea1edb36

SHA1719a7df683014dc3fcddb8965d198ecb0bb465e5

SHA2569a68c7eaa83d719fd567fc975d0a2cbe6e5e30c5637d6ccfc3961445ee26e5e4

Certificate Info

IssuerLet's Encrypt

Subjectconfrariacorporativa.com.br

FingerprintA7:DE:ED:64:82:BA:CB:44:C7:85:D3:47:16:2A:47:29:AA:12:43:87

ValidityMon, 24 Jul 2023 17:36:52 GMT - Sun, 22 Oct 2023 17:36:51 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: confrariacorporativa.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confrariacorporativa.com.br/wp-includes/xml.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 500 Internal Server Error
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding
content-encoding: gzip
content-length: 1085
content-type: text/html; charset=UTF-8
date: Mon, 11 Sep 2023 07:23:14 GMT
server: Apache
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css

104.17.24.14

200 OK

5.9 kB

URL

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css

IP / ASN

104.17.24.14

#13335 CLOUDFLARENET

Requested byhttps://confrariacorporativa.com.br/wp-includes/xml.html#sasa.zavrski@egcp.com

Resource Info

File typetroff or preprocessor input, ASCII text, with very long lines (372)

First Seen2023-04-05

Last Seen2025-08-03

Times Seen69129

Size5.9 kB (5872 bytes)

MD5c495654869785bc3df60216616814ad1

SHA10140952c64e3f2b74ef64e050f2fe86eab6624c8

SHA25636e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Certificate Info

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D

ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://confrariacorporativa.com.br
DNT: 1
Connection: keep-alive
Referer: https://confrariacorporativa.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 11 Sep 2023 07:23:16 GMT
content-type: text/css; charset=utf-8
content-length: 5872
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64942a3a-16f0"
last-modified: Thu, 22 Jun 2023 11:02:18 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 961244
expires: Sat, 31 Aug 2024 07:23:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOwCtAyyh7hMB%2BZH%2B8PUZPa07EKRxfQ2XzBHntQztCCHnJyDFuw9AE2A%2FM7wgqwGjHQdS4epn2Sx%2FpBmgD8AWUKNQfOKwIE2yX16DMewHseY6QAokuGd4WpG6O63BWf2loJIEoky"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 804e2a167a580b3d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET code.jquery.com/jquery-3.1.1.min.js

69.16.175.42

200 OK

30 kB

URL

code.jquery.com/jquery-3.1.1.min.js

IP / ASN

69.16.175.42

#20446 STACKPATH-CDN

Requested byhttps://confrariacorporativa.com.br/wp-includes/xml.html#sasa.zavrski@egcp.com

Resource Info

File typeASCII text, with very long lines (32030)

First Seen2023-03-07

Last Seen2025-08-03

Times Seen119865

Size30 kB (30070 bytes)

MD5e071abda8fe61194711cfc2ab99fe104

SHA1f647a6d37dc4ca055ced3cf64bbc1f490070acba

SHA25685556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Certificate Info

IssuerSectigo Limited

Subject*.jquery.com

FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D

ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

HTTP Headers

GET /jquery-3.1.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confrariacorporativa.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 11 Sep 2023 07:23:16 GMT
content-encoding: gzip
content-length: 30070
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-152b5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1694416996.dop207.sk1.t,1694416996.cds205.sk1.hn,1694416996.cds010.sk1.c
X-Firefox-Spdy: h2

GET aadcdn.msauth.net/shared/1.0/content/images/picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg

13.107.246.53

200 OK

1.2 kB

URL

aadcdn.msauth.net/shared/1.0/content/images/picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg

IP / ASN

13.107.246.53

#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested byhttps://confrariacorporativa.com.br/wp-includes/xml.html#sasa.zavrski@egcp.com

Resource Info

File typeSVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2905), with no line terminators

First Seen2023-05-04

Last Seen2025-08-03

Times Seen80812

Size1.2 kB (1173 bytes)

MD5fe87496cc7a44412f7893a72099c120a

SHA1a0c1458c08a815df63d3cb0406d60be6607ca699

SHA25655ce3b0ce5bc71339308107982cd7671f96014256ded0be36dc8062e64c847f1

Certificate Info

IssuerDigiCert Inc

Subjectaadcdn.msauth.net

Fingerprint44:5F:75:46:1C:BE:AF:E4:F2:BF:F3:04:1D:0B:56:0F:EE:DA:A0:96

ValiditySat, 29 Jul 2023 00:00:00 GMT - Mon, 29 Jul 2024 23:59:59 GMT

HTTP Headers

GET /shared/1.0/content/images/picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confrariacorporativa.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 1173
content-type: image/svg+xml
content-encoding: gzip
content-md5: XHrPYKKsqlxUvysuxtSE2A==
last-modified: Fri, 17 Jan 2020 19:28:39 GMT
etag: 0x8D79B83749623C9
x-cache: TCP_HIT
x-ms-request-id: bb3ce0ce-701e-0074-6dcc-db697b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 08lXxZAAAAABpXwaTivHpToAwSHpdbIohQU1TMDRFREdFMTkxNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0ZMD+ZAAAAACgKJACH4FNSIl/YG0SBDTYU1ZHMjBFREdFMDUxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Mon, 11 Sep 2023 07:23:16 GMT
X-Firefox-Spdy: h2

GET aadcdn.msauth.net/shared/1.0/content/images/picker_verify_sms_27a6d18b56f46818420e60a773c36d4e.svg

13.107.246.53

200 OK

199 B

URL

aadcdn.msauth.net/shared/1.0/content/images/picker_verify_sms_27a6d18b56f46818420e60a773c36d4e.svg

IP / ASN

13.107.246.53

#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested byhttps://confrariacorporativa.com.br/wp-includes/xml.html#sasa.zavrski@egcp.com

Resource Info

File typeSVG Scalable Vector Graphics image\012- HTML document, ASCII text, with no line terminators

First Seen2023-04-19

Last Seen2025-07-07

Times Seen47137

Size199 B (199 bytes)

MD527a6d18b56f46818420e60a773c36d4e

SHA1346ec247500fddc51cc1d85b8f4b9a343f7a48d3

SHA2568ed8f3acb9b87f99e42c74463d4e2be96ee85b8a87cd6eb874295ace420a5904

Certificate Info

IssuerDigiCert Inc

Subjectaadcdn.msauth.net

Fingerprint44:5F:75:46:1C:BE:AF:E4:F2:BF:F3:04:1D:0B:56:0F:EE:DA:A0:96

ValiditySat, 29 Jul 2023 00:00:00 GMT - Mon, 29 Jul 2024 23:59:59 GMT

HTTP Headers

GET /shared/1.0/content/images/picker_verify_sms_27a6d18b56f46818420e60a773c36d4e.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confrariacorporativa.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 199
content-type: image/svg+xml
content-encoding: gzip
content-md5: Ibdh8rH9N/WH1yIgI7CSdg==
last-modified: Fri, 17 Jan 2020 19:28:39 GMT
etag: 0x8D79B8374CE7F93
x-cache: TCP_HIT
x-ms-request-id: 0f09f4d4-001e-003f-34c8-d09f7d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 06efdZAAAAADGUUOxjKoJRZK9sROFUCiVQU1TMDRFREdFMTkxNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0ZMD+ZAAAAAADJ46tFJo+TpWSVRnnISMeU1ZHMjBFREdFMDUxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Mon, 11 Sep 2023 07:23:16 GMT
X-Firefox-Spdy: h2

GET aadcdn.msauth.net/shared/1.0/content/images/picker_verify_fluent_authenticator_b59c16ca9bf156438a8a96d45e33db64.svg

13.107.246.53

200 OK

2.4 kB

URL

aadcdn.msauth.net/shared/1.0/content/images/picker_verify_fluent_authenticator_b59c16ca9bf156438a8a96d45e33db64.svg

IP / ASN

13.107.246.53

#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested byhttps://confrariacorporativa.com.br/wp-includes/xml.html#sasa.zavrski@egcp.com

Resource Info

File typeSVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4714), with CRLF line terminators

First Seen2023-04-19

Last Seen2025-08-03

Times Seen84948

Size2.4 kB (2407 bytes)

MD5b59c16ca9bf156438a8a96d45e33db64

SHA14e51b7d3477414b220f688adabd76d3ae6472ee3

SHA256a7ee799dd5b6f6dbb70b043b766362a6724e71458f9839306c995f06b218c2f8

Certificate Info

IssuerDigiCert Inc

Subjectaadcdn.msauth.net

Fingerprint44:5F:75:46:1C:BE:AF:E4:F2:BF:F3:04:1D:0B:56:0F:EE:DA:A0:96

ValiditySat, 29 Jul 2023 00:00:00 GMT - Mon, 29 Jul 2024 23:59:59 GMT

HTTP Headers

GET /shared/1.0/content/images/picker_verify_fluent_authenticator_b59c16ca9bf156438a8a96d45e33db64.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confrariacorporativa.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 2407
content-type: image/svg+xml
content-encoding: gzip
content-md5: nTculR1Fom7eLci0F6rk+A==
last-modified: Fri, 11 Mar 2022 11:11:29 GMT
etag: 0x8DA034FE445C10D
x-cache: TCP_HIT
x-ms-request-id: 7d2d0a05-901e-003e-1750-ddb47f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0D87yZAAAAAB5p37x7wXkSaqkVm2XWI9hQU1TMDRFREdFMTgxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0ZMD+ZAAAAACuIthZl6mcQIZzAeMf8qeNU1ZHMjBFREdFMDUxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Mon, 11 Sep 2023 07:23:16 GMT
X-Firefox-Spdy: h2

POST ausperl.com/wp-images/content/data/308e0f9.php

185.184.154.129

200 OK

164 B

URL

ausperl.com/wp-images/content/data/308e0f9.php

IP / ASN

185.184.154.129

#38719 Dreamscape Networks Limited

Requested byhttps://confrariacorporativa.com.br/wp-includes/xml.html#sasa.zavrski@egcp.com

Resource Info

File typeJSON data\012- , ASCII text, with no line terminators

First Seen2023-09-11

Last Seen2023-09-11

Times Seen3

Size164 B (164 bytes)

MD59f7b29b3cec1e3c69f9e8ecf74a645cc

SHA13d3b6ac89ca67754e20a113a54846531a18ef908

SHA256a7cb307a60b41b1ddcce2c9dc797c4fb6b492980630db8ddebf12aefee0586c7

Certificate Info

IssuerLet's Encrypt

Subjectwww.ausperl.com

Fingerprint25:79:B5:52:00:3A:5C:F7:C9:AF:2E:37:67:23:A6:A1:3B:1B:0E:ED

ValidityTue, 22 Aug 2023 07:41:43 GMT - Mon, 20 Nov 2023 07:41:42 GMT

HTTP Headers

POST /wp-images/content/data/308e0f9.php HTTP/1.1
Host: ausperl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 26
Origin: https://confrariacorporativa.com.br
DNT: 1
Connection: keep-alive
Referer: https://confrariacorporativa.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-powered-by: PHP/7.3.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
set-cookie: PHPSESSID=8885117a5ae635f646c87b4fecba30c9; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 164
content-type: text/html; charset=UTF-8
date: Mon, 11 Sep 2023 07:23:17 GMT
server: Apache
X-Firefox-Spdy: h2

GET aadcdn.msauthimages.net/c1c6b6c8-hgjywgjo-zk-8klwfhghhn5mmma8-kkvuni4pfswtk/logintenantbranding/0/bannerlogo?ts=636646528423244876

152.199.23.72

200 OK

5.7 kB

URL

aadcdn.msauthimages.net/c1c6b6c8-hgjywgjo-zk-8klwfhghhn5mmma8-kkvuni4pfswtk/logintenantbranding/0/bannerlogo?ts=636646528423244876

IP / ASN

152.199.23.72

#15133 EDGECAST

Requested byhttps://confrariacorporativa.com.br/wp-includes/xml.html#sasa.zavrski@egcp.com

Resource Info

File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 128x60, components 3\012- data

First Seen2023-07-24

Last Seen2023-09-11

Times Seen3

Size5.7 kB (5729 bytes)

MD513884efd14e98c491ce5c1eeae2fd5ef

SHA1a6e4091a305ce94c3ca287faad0216c73940c486

SHA256335088ed503a458e39b0bc4619874bfb343378e078761601dbdaaa5c15dde9b3

Certificate Info

IssuerMicrosoft Corporation

Subjectaadcdn.msauthimages.net

Fingerprint6B:EB:AC:06:FC:06:82:11:17:1C:6B:72:7D:B5:95:2D:CF:E7:A3:5D

ValidityWed, 08 Mar 2023 11:16:34 GMT - Sat, 02 Mar 2024 11:16:34 GMT

HTTP Headers

GET /c1c6b6c8-hgjywgjo-zk-8klwfhghhn5mmma8-kkvuni4pfswtk/logintenantbranding/0/bannerlogo?ts=636646528423244876 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://confrariacorporativa.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 546
cache-control: public, max-age=86400
content-md5: E4hO/RTpjEkc5cHuri/V7w==
content-type: image/*
date: Mon, 11 Sep 2023 07:23:18 GMT
etag: 0x8D5D2A4FE9113F6
last-modified: Fri, 15 Jun 2018 09:47:23 GMT
server: ECAcc (ska/F77B)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 389de8ac-301e-0043-3c7f-e406db000000
x-ms-version: 2009-09-19
content-length: 5729
X-Firefox-Spdy: h2

GET confrariacorporativa.com.br/wp-includes/xml.html

216.172.160.199

200 OK

241 B

URL

confrariacorporativa.com.br/wp-includes/xml.html

IP / ASN

216.172.160.199

#46606 UNIFIEDLAYER-AS-1

Requested byN/A

Resource Info

File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators

First Seen2023-09-11

Last Seen2023-09-11

Times Seen5

Size241 B (241 bytes)

MD569c18b5ef79bf9e5a20acb69cc7da999

SHA1800e7e69bbef54ff2537995c482d1d37ff95bdef

SHA2566001e3281f72533e110befb7a39be5ebf477f7ce963e3f6d13f122217d9497e5

Certificate Info

IssuerLet's Encrypt

Subjectconfrariacorporativa.com.br

FingerprintA7:DE:ED:64:82:BA:CB:44:C7:85:D3:47:16:2A:47:29:AA:12:43:87

ValidityMon, 24 Jul 2023 17:36:52 GMT - Sun, 22 Oct 2023 17:36:51 GMT

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /wp-includes/xml.html HTTP/1.1
Host: confrariacorporativa.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 08 Sep 2023 23:10:08 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 218
content-type: text/html
date: Mon, 11 Sep 2023 07:23:13 GMT
server: Apache
X-Firefox-Spdy: h2